A new IT auditor needs some help dealing with database patching issues and how far you need to dive into technology during an IT audit.
Take a moment to read his comment and add your thoughts. I’ve put in my 2 cents. Let’s get a good discussion going.
I think any auditor can chime in, as audit scope and audit limitations are not unique to IT audit.
Dinesh’s comment appears in What IT Auditors Ought to Know – and Don’t!
TrustWave Inc. analyzed data gathered from over 1900 penetration tests and over 200 data breach investigations and concluded that the top 3 ways to sneak into a network in 2009 were via:
IT has come up with all kinds of ways to protect assets without applying patches. Yes, patching takes time if done correctly. However, the solutions have issues that need to be kept in mind.