Link to home
Start Free TrialLog in
Avatar of sunhux
sunhux

asked on

Approach of IT audit interviews & sample questions to ask auditees

Q1:
For IT audit purposes, what are some of the questions that an auditor should ask
during the audit interview especially for Cyber, IT Infra, End-user computing  audit?

Q2:
What are some of the open-ended question like "Can you describe your
network architecture", "what's your patch procedure/policy like", "what are
your perimeter & endpoint defenses" ...  <pls add on>.

Q3:
Presume auditors should start with such open questions first before going
into more targetted questions?

Q4:
What are some of the more targetted questions?  
Eg: "how long is your backup retention for DB,  logs, ...", "share some of
      the recent patch logs", ...<pls add on> ...
SOLUTION
Avatar of btan
btan

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial