Author Archives: ITauditSecurity

About ITauditSecurity

Mack is an IT auditor and author of the ITauditSecurity blog for IT, audit, and security professionals. The blog provides HOW-TOs, analysis, and humor.

Do you have User IDs Hidden in the Cloud?

hidden-in-the-cloudIt’s 10 o’clock in the cloud. Do you know where all your user IDs are? Are some hidden in the cloud?

Cloud security if often cloudy because it’s not on premise where you can control it easier.

That means you may have powerful user IDs in the cloud that your security team knows nothing about, which means….

Continue reading

2 Comments

Filed under Audit, Case Files, Technology

Real Auditors Use Excel PowerPivot

powerpivot iconIf you’re an auditor and you are not yet using Excel PowerPivot, you are missing the next greatest thing since spreadsheets arrived.

If you are NOT an auditor, and you don’t use PowerPivot, you’re in the same boat with the auditors mentioned above, and it is sinking.

In other words, if you use Excel, you should be learning Excel PowerPivot. It’s that big.

Let me explain why.

Continue reading

5 Comments

Filed under Audit, Free, Technology, Data Analytics, Excel

Make Audits Easier, More Effective in the New Year

I previously blogged about some audit tips that make audits later in the New Year easier and more effective.

I made some minor updates to the post and am sharing it again.

Audit Tips for the New Year

Leave a comment

Filed under Audit

New IT Auditors Should Start Here

new-auditorIf you’re a new IT auditor or want to become one, I’ve listed a number of my earlier posts for your consideration. If you’re an experienced auditor, here’s an overview of the profession through my eyes.

These posts will:

  1. Provide basic information regarding IT audit and security and links to other sources.
  2. Help you avoid some of the hidden pitfalls that control owners and auditors face.
  3. Give you ideas and approaches for some common and uncommon audits.
  4. Give you a few chuckles.

If you start at the top and read through each post, you’ll get a good taste of the positives and negatives of IT auditing. Since you can’t do it in one sitting, yoo could bookmark the list and work your way through it as you have time.

Continue reading

4 Comments

Filed under Audit, Certification, Employment, Excel, Free, How to..., Humor/Irony, Technology

The Simplest, Cheapest, and Most Effective Disaster Recovery Plan Ever

disaster-recovery-planAbout a decade ago, I personally witnessed the handover of the simplest, cheapest, and most effective disaster recover plan ever.

Let me first give you a little background….

I worked for a great IT director, who moved to another company, much bigger, and brought me with him.

In the new company, he again was responsible for all IT, and he brought me along to manage security and disaster recovery.

If I named this company, at least 25% of you would recognize it, even those of you around the world–true story, too.

Continue reading

6 Comments

Filed under Case Files, Humor/Irony, Security, Security Scout, Technology

Mack Falls Prey to Phishing Email

phishing emailIt finally happened: I fell prey to a phishing email.

I actually clicked a link.

At work, no less. Not good.

Continue reading

2 Comments

Filed under Audit, Employment, Humor/Irony

Some of my Favorites

Since some of you are newer to the blog, I thought I’d bring a couple of my favorite posts to your attention.

Continue reading

Leave a comment

Filed under ACL, Audit, How to..., Security, Technology, Top 10