Auditor Struggles, Part 3

This is Part 3 of a Case File series that describes how real auditors tried to apply questionable methods to auditing and data profiling. See Part 1 and Part 2.

I looked at the third page of the handout and asked, “What is this?”

“A list of Active Directory (AD) groups and the user IDs in each group. I searched AD for any group containing the system name,” the junior auditor said, “and identified these 6 groups. I then downloaded all the members of these groups from AD into Excel.”

The auditor continued, “We will be reviewing the access related to Process X, so I thought I’d look up all the related groups.”

I read through the group descriptions, which were mostly cryptic. “Do you know what these groups are for, how they are applied to the system, and what assets and access rights are related to those groups?” I wondered.

No one looked me in the eye. “Not yet,” was the reply. “We aren’t sure which ones are important. We downloaded the group and members, and sent the listings to the business contact. We asked her what each group is for. We are waiting for an answer.”

“So before you knew whether these groups were relevant to your audit, you took time to download the lists?”

Before the lead auditor could send the junior auditor a signal, the junior auditor replied, “Yes. This didn’t take that much time.”

The other auditors looked down at the floor.

“While it was smart of you to try to identify any groups related to this process and ask how they are used, next time I would wait until you get an answer so you know which groups are pertinent to your audit objectives. Then download the members,” I stated.

I continued, “Wouldn’t that have made more sense and been less work for both you and your business contact?”

Looooong silence.

“OK,” I said, changing the subject. “Let’s talk metrics.”

See Part 4
