sunhux
asked on
Approach of IT audit interviews & sample questions to ask auditees
Q1:
For IT audit purposes, what are some of the questions that an auditor should ask
during the audit interview especially for Cyber, IT Infra, End-user computing audit?
Q2:
What are some of the open-ended question like "Can you describe your
network architecture", "what's your patch procedure/policy like", "what are
your perimeter & endpoint defenses" ... <pls add on>.
Q3:
Presume auditors should start with such open questions first before going
into more targetted questions?
Q4:
What are some of the more targetted questions?
Eg: "how long is your backup retention for DB, logs, ...", "share some of
the recent patch logs", ...<pls add on> ...
For IT audit purposes, what are some of the questions that an auditor should ask
during the audit interview especially for Cyber, IT Infra, End-user computing audit?
Q2:
What are some of the open-ended question like "Can you describe your
network architecture", "what's your patch procedure/policy like", "what are
your perimeter & endpoint defenses" ... <pls add on>.
Q3:
Presume auditors should start with such open questions first before going
into more targetted questions?
Q4:
What are some of the more targetted questions?
Eg: "how long is your backup retention for DB, logs, ...", "share some of
the recent patch logs", ...<pls add on> ...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.