Audit is not a dirty word

By Daniel Carter

The Skyhooks were a band famous in Australia who had a 1970’s hit ‘Ego is not a dirty word’.

Although not related at all to IT Auditing, the negative stigma is translatable from ego to audits.

There are several reasons that organizations can dread an audit. However, they all share a common cause, the fear of the unknown.

What have I missed? Did I do this right? What if this happened?

Proactive organisations, however, do not dread audits, they use the process to add value to their organisations. This shift in focus is what continually helps them excel; prevention is always better than cure.

Do you rely on manual processes to address auditor requests?

If you answer yes to this then you are already on the back foot, most common audit requirements can be scheduled and accomplished automatically. This process automation is easily configured while the cost of the software is less than the personnel hours that would have been required for the same task. Automatically generating reports that consider change management or access security is straightforward using software such as Open-AudIT and opConfig.

The evolution of technology has forced organizations to comply with technical auditing, even if they don’t identify as high-tech companies. It is business critical to get these processes right; any recent data breach can be easily recalled, no one remembers a company executing a successful audit.  Successful audits occur when there is an understanding of the internal IT procedures and operations of your network.