Tag Archives: Audit

by ITauditSecurity | May 30, 2017 · 11:00 am

New IT Auditor (and WannaBEs) Master List

Here’s a list of all my posts to-date related to becoming or growing as an IT Auditor, all in one place for easy reference.
I’ll add other posts as they are written.

Continue reading →

Audit Management Sometimes Sucks

When internal auditors (or those pretending to be such) do poor work and don’t follow the appropriate audit and IT standards, they are unprofessional. However, I put the blame at the feed of audit management.

Continue reading →

2 Comments

Filed under Audit, Employment

Tagged as Audit, beatings, CAE, coaching, it auditor, lawyers, management, monkey, profession, responsibile, training

by ITauditSecurity | January 17, 2017 · 11:00 am

Do you have User IDs Hidden in the Cloud?

It’s 10 o’clock in the cloud. Do you know where all your user IDs are? Are some hidden in the cloud?

Cloud security if often cloudy because it’s not on premise where you can control it easier.

That means you may have powerful user IDs in the cloud that your security team knows nothing about, which means….

Continue reading →

2 Comments

Filed under Audit, Case Files, Technology

Tagged as Audit, cloud, database, hidden, ID, monitor, on premise, policy, Security, system, tone at the top, user

by ITauditSecurity | December 5, 2016 · 3:22 pm

Mack Falls Prey to Phishing Email

It finally happened: I fell prey to a phishing email.

I actually clicked a link.

At work, no less. Not good.

Continue reading →

3 Comments

Filed under Audit, Employment, Humor/Irony

Tagged as Audit, confession, email, human, link, mistakes, phishing, pride, proverbs 16:18, PST, Security

by ITauditSecurity | November 28, 2016 · 11:00 am

Some of my Favorites

Since some of you are newer to the blog, I thought I’d bring a couple of my favorite posts to your attention.

Continue reading →

Behind Locked Doors: Conclusion

Most of the team deployed to the 2 departments and started emptying wastebaskets in the ‘wastebasket audit‘ exercise, collecting all the trash in large carts on wheels.

Two others were posted as look-outs in the main hallways outside the target department.

I carried my black bag of tools and approached THE door.

I pulled out my favorite flat-head screwdriver. Originally, I was going to remove the closing arm at the top of the door and then pry the hinge pins out of the hinges.

This is the fifth and final post in a series. See the previous post, Behind Locked Doors: Part 4. Start with Behind Locked Doors: Part 1.

Continue reading →

4 Comments

Filed under Audit, Case Files, Security, Technology

Tagged as Audit, database, Leeda, steal, wastebasket

by ITauditSecurity | December 9, 2014 · 11:00 am

Don’t Use GRC app to do Workpapers!

I consulted with a company that implemented a new GRC package, and unfortunately they are using an application designed for GRC to do audit workpapers.

That wasn’t the only move that was questionable…

Continue reading →

11 Comments

Filed under Audit, Security, Security Scout, Technology

Tagged as Audit, dog food, encryption, grc, implementation, requirements, review, RITA, Security, vendor, workpapers

Tag Archives: Audit

New IT Auditor (and WannaBEs) Master List

Audit Management Sometimes Sucks

Mack Falls Prey to Phishing Email

Some of my Favorites

Behind Locked Doors: Conclusion

Don’t Use GRC app to do Workpapers!

Subscribe via email

Quick Links

Recent Posts

Top 7 Posts

Categories

Links

Blogroll

Tag Archives: Audit

New IT Auditor (and WannaBEs) Master List

Share this:

Like this:

Audit Management Sometimes Sucks

Share this:

Like this:

Do you have User IDs Hidden in the Cloud?

Share this:

Like this:

Mack Falls Prey to Phishing Email

Share this:

Like this:

Some of my Favorites

Share this:

Like this:

Behind Locked Doors: Conclusion

Share this:

Like this:

Don’t Use GRC app to do Workpapers!

Share this:

Like this:

Subscribe via email

Quick Links

Recent Posts

Top 7 Posts

Categories

Links

Blogroll