Just for fun, one of my readers asked ChatGPT to write an article analyzing how internal audit uses data analytics (love that alliteration).
If you’re new to ChatGPT, go here, and remember to scroll down.
This reader (who wishes to remain anonymous) asked ChatGPT to write about whether internal audit performs an adequate amount of data analytics and in the appropriate depth.
This person sent the result to me, and after reading it, I decided to publish it here.
If your department doesn’t track metrics on your analytics, you are probably not doing analytics or you are making little progress in analytics.
In either case, its obvious that analytics isn’t very important to your management.
Which is one of the points I made in my post, 10 Signs Mgmt Doesn’t Really Support Analytics.
So far, I have encountered very few audit departments that track meaningful metrics about their analytics.
Counting the number of projects that include analytics isn’t enough.
Filed under Audit, Data Analytics, How to..., Written by Skyyler
When you evaluate the risk of a vulnerability, do you do it in the dark?
Or do you take into account other factors that might affect the risk?
What if one of the factors is an existing audit issue that has not been remediated?
Filed under Audit
It’s getting to the point where some audit directors are saying, “No bad audit reports allowed.” In other words, don’t shoot the messenger, just the message. What follows is an experience from one of my audit colleagues…
First, a couple “I know” statements…I know auditors are supposed to be helpful and friendly. I know auditors are supposed to add value. I know auditors need to be careful about giving only bad news; we should also note in our report what the auditee is doing right (if anything). I know that it’s hard for auditees to get hammered again and again by audit reports.
Filed under Audit, Technology
ITauditSecurity 