Eze Castle Integration Eze Castle Integration

Eze Castle Blog

Completing Your Post IT Audit Homework

By Olivia Munro,
Thursday, February 1st, 2018

So you took all the steps to prepare for your technology and cyber audit, and you still received findings. That is to be expected! Most organizations come away with findings post-audit as there is always room for improvement.  It can be especially overwhelming to prioritize the findings, especially if your firm comes away with a long list of action items.

Common findings after a technology and cyber audit include:

  • Missing policies: Password policies or Access Control policies

  • Complying with the rules, but not providing proper documentation to verify that you are doing so

  • Providing non-specific timelines in your documentation

  • Documentation lacking how you measure and track remote testing, training and scope

  • Inaccuracies in products, service descriptions or deliverables

  • Complying with the rules, but not providing proper documentation to verify that you are doing so

  • Providing non-specific timelines in your documentation

  • Documentation lacking how you measure and track remote testing, training, scope

Where should your firm start with the findings? How much will it cost? What is necessary and what is considered inessential or overkill? These are all valid questions we hear every day from firms after an independent audit.

Having a trusted partner or vendor to guide you through the remediation process can help your firm:

  • Prioritize findings

    Help your team discern what findings are valid and necessary, and which are overkill

  • Recommend security actions

    There are a variety of safeguards to implement, Eze Castle Integration can help determine what is practices are necessary for your firm

  • Determine ownership

    Help you organize a cross functional team within your organization

  • Determine timeline

    Assist to develop a realistic timeline to complete the remediation process

  • Determine cost and resources necessary

    Assist with a budget and help find the resources necessary to complete necessary action items

  • Execute and maintain the remediation

    Implement the remediation plan using all the resources above

For more information or guidance after an independent IT audit, contact Eze Castle Integration for a consultation.

Related Articles:

Common IT Security Gaps Guidebook

Categorized under: Hedge Fund Regulation 



Recent Posts / All Posts


 

Subscribe

Follow Us

    Follow us on Twitter Follow us on FaceBook Follow us on LinkedIn Follow us on Google RSS Feed

Recent Articles

Categories

Archives