Don't Forget to Share this Post

Completing Your Post IT Audit Homework

By Olivia Munro | Thursday, February 1st, 2018

So you took all the steps to prepare for your technology and cyber audit, and you still received findings. That is to be expected! Most organizations come away with findings post-audit as there is always room for improvement.  It can be especially overwhelming to prioritize the findings, especially if your firm comes away with a long list of action items.

Common findings after a technology and cyber audit include:

  • Missing policies: Password policies or Access Control policies

  • Complying with the rules, but not providing proper documentation to verify that you are doing so

  • Providing non-specific timelines in your documentation

  • Documentation lacking how you measure and track remote testing, training and scope

  • Inaccuracies in products, service descriptions or deliverables

  • Complying with the rules, but not providing proper documentation to verify that you are doing so

  • Providing non-specific timelines in your documentation

  • Documentation lacking how you measure and track remote testing, training, scope

Where should your firm start with the findings? How much will it cost? What is necessary and what is considered inessential or overkill? These are all valid questions we hear every day from firms after an independent audit.

Having a trusted partner or vendor to guide you through the remediation process can help your firm:

  • Prioritize findings

    Help your team discern what findings are valid and necessary, and which are overkill

  • Recommend security actions

    There are a variety of safeguards to implement, Eze Castle Integration can help determine what is practices are necessary for your firm

  • Determine ownership

    Help you organize a cross functional team within your organization

  • Determine timeline

    Assist to develop a realistic timeline to complete the remediation process

  • Determine cost and resources necessary

    Assist with a budget and help find the resources necessary to complete necessary action items

  • Execute and maintain the remediation

    Implement the remediation plan using all the resources above

For more information or guidance after an independent IT audit, contact Eze Castle Integration for a consultation.

Related Articles:

Common IT Security Gaps Guidebook

Don't Forget to Share this Post

Related Posts

Launching a Hedge Fund in Hong Kong: Technology Considerations
How Cybersecurity Vulnerability Assessments Work for Investment Management Firms
Making a Case for A Cloud Migration to Your CXOs
Cybersecurity Bootcamp Webinar Series: Join Us!
What Not to Do When It Comes to Your IT
How to Start a Hedge Fund

How Can Eze Castle Integration help you?Contact us today!

Contact Us