Tag Archives: plan

by | May 22, 2018 · 6:45 am

Steal from Agile to Increase Audit Analytics

agile analyticsTo increase the amount and depth of the analytics performed, steal some agile methods, and apply them to your audits.

If you’re not familiar with agile methods, check out the first 5 topics listed here (just click Next at the bottom of each page; the topics are quick to the point and full of pictures).

Briefly, agile projects are performed in cycles, or iterations, rather than in a long, linear-waterfall fashion, which is: do all planning, then field work, then reporting. Each iteration of the project creates some value and includes feedback, which is used in the next iteration to increase the value of the project.

Continue reading

Advertisements

Leave a comment

Filed under Audit, Data Analytics, How to..., Technology, Written by Skyyler

Tagged as , , , , , , , , , , , , , , , , , , , , ,

by | December 12, 2016 · 11:00 am

The Simplest, Cheapest, and Most Effective Disaster Recovery Plan Ever

disaster-recovery-planAbout a decade ago, I personally witnessed the handover of the simplest, cheapest, and most effective disaster recover plan ever.

Let me first give you a little background….

I worked for a great IT director, who moved to another company, much bigger, and brought me with him.

In the new company, he again was responsible for all IT, and he brought me along to manage security and disaster recovery.

If I named this company, at least 25% of you would recognize it, even those of you around the world–true story, too.

Continue reading

6 Comments

Filed under Case Files, Humor/Irony, Security, Security Scout, Technology

Tagged as , , , , , ,

by | April 19, 2012 · 10:05 pm

May –> Audit Awareness Month

May is Audit Awareness Month, so if you want to host an event to promote audit at your organization, you’re short on time.

I wrote about this last year, and all the links on that post are still good, so see May = Audit Awareness Month for ideas.

Hey, I’m recycling last year’s post, so this must be a GREEN blog!

Leave a comment

Filed under Audit, Humor/Irony

Tagged as , , , , ,

by | March 25, 2011 · 9:34 pm

Plan to Test the Test Plan

Always test the test plan and make sure it actually tests the control or risk being assessed. And make sure the tester (especially when you are observing the tester rather than performing the test yourself) actually follows the test plan.

During a segregation of duties (SOD) test for an expense report approval system, an auditor was observing a client perform a test.  The client was supposed to enter his user ID into the Approver field to demonstrate that he could not approve his own expense report.

Continue reading

2 Comments

Filed under Audit

Tagged as , , , , , , , , , , , , ,

by | May 31, 2010 · 8:22 am

Simple Audit Success Formula

I am often amused how common sense is paraded as a solution (aka “how to write a post about anything”).

When you consider the bullet points in 5 Tips to Survive a Social Media Disaster, you can see that those actions can be applied to many issues, including one of our favorite subjects, auditing.

Continue reading

Leave a comment

Filed under Audit

Tagged as , , , , , , , , , , ,

by | April 10, 2009 · 11:17 am

5 Security Steps for Non-Big Businesses

Lenny Zeltser suggest 5 steps that mid-market organizations can take down the security path:

  1. Identify key data flows
  2. Understand user interactions
  3. Examine the network perimeter
  4. Assess the servers and workstations
  5. Look at the applications

Continue reading

Leave a comment

Filed under Security

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,