jdc1944
asked on
Application/Software Documents
What kind of documentation do external auditors look for when they are coming to do an application audit?
We have been informed they are looking for how the system is managed along with the security controls that have been put in place not only on the application itself but also on the servers that support it. They have also mentioned that they will be reviewing supporting documentation but have not stated what.
I don't really want to ask them at the moment so what kind of documentation do you think an auditor would be looking for when they come to audit a system.
We have been informed they are looking for how the system is managed along with the security controls that have been put in place not only on the application itself but also on the servers that support it. They have also mentioned that they will be reviewing supporting documentation but have not stated what.
I don't really want to ask them at the moment so what kind of documentation do you think an auditor would be looking for when they come to audit a system.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What is the audit for? FISMA? SOX? PCI? HIPAA?
ASKER
Many thanks for that, explains everything perfectly.