Professional Documents
Culture Documents
Auditing2e ppt15 l05
Auditing2e ppt15 l05
Compliance
Lesson 5
Planning an IT Infrastructure
Audit for Compliance
Data Apps
Technology Facilities
Personnel
Preventive
© 2016 Jones and Bartlett Learning, LLC, an Ascend Learning Company
Auditing IT Infrastructures for Compliance www.jblearning.com Page 7
All rights reserved.
Privacy Audits
▪ Privacy audits address the following three
concerns:
• What type of personal information is
processed and stored?
• Where is it stored?
• How is it managed?
Is it
effective?
Is it
required?
Identify cross-
Seize
enterprise
opportunities
risks
Reduce Improve
surprises and capital
losses allocations
Adversarial Accidental
Threat
Identification
Structural Environmental
Security advisories
▪ Types of documentation:
• Administrative documentation
• System documentation
• Procedural documentation
• Network architecture diagrams
• Vendor support access documents and
agreements
Administrative documentation
System documentation
Procedural documentation
Scheduling
Opening
Conducting
Closing
Recording