Security Audits

Posted by on Feb 12, 2011 in Information Technology, Security

Security audits with our organizations are seen as a team building exercise. Building out of one of our core principles, which is team atmosphere from the Rockefeller Habits, any opportunity or occasion that involves more than five individuals is seen as a team building opportunity. When security audits are done, all department heads, IT department employees, and other essential personnel are brought in to contribute to the conversation. In the audit, there are four clear steps.

The first step is to identify existing threats or concerns, be they new threats or new ones determined through education on information security. Secondly, concerns surrounding new problems are discussed. This step offers an avenue for discovery. Each department has unique circumstances and my have unique information assets with unique threats that the IT staff has to take into account.

As a third step, the IT staff discusses the current policies, both for security and for privacy along with any updates or changes. In this step, our organization stays current with competitors, evaluating their processes and determining gaps in the way we do business. Also, our on staff legal council will let the members of the audit of the latest, if any, changes to Bar requirements that impact our clients.

In the last step, a plan is established for implementing and handling all the changes and items the audit discovered. This step is where accountability comes in as each department is given amendments and new information policies and told when they should be completed. On a side note, the organization has a third-party consulting agency that comes in and audits this process along with the systems in place. Essentially, it is an audit of the audit process.

A. Chris TurnerAbout the Author: Chris Turner is also known as ChocolateSEO. CSEO is Chris' Nashville search marketing and consulting service offering a variety of services to help you, your company and any website maximize web-based marketing opportunities. He is the father of three girls, one boy (finally) and husband to the wonderful Savannah. Join the author's circle: Chris Turner on Google+.