IT audit is an increasingly difficult challenge for organizations that involves both internal and external stakeholders. An IT Audit can originate from many different directions including external regulations, internal audit, or executive directive. In all cases, many organizations regularly test IT controls to ensure that IT systems meet business expectations. The resulting assessment helps organizations, stakeholders, and executives better understand the state of IT by answering questions about operations:
IT is an integral part of every organization, and understanding the risks of IT as they relate to the individual organization is the IT Audit’s primary goal. Whether have an existing framework, looking to build an IT framework, or just need an audit around regulations such as COBIT, ISO 27002, NIST, ITIL, NERC, HIPAA, PCI, Basel II, FISMA, GLBA, SOX, and FFIEC, then PBTK can help.
Please contact Sam Belnap, PBTK’s Director of IT Risk Management, for more information.