Conducting security audits is very important to the continued success of any organization. Having questions is not only normal but important whenever you conduct a procedure that plays a crucial role in your network. Below is a breakdown of your questions, to give you a better understanding of the process so you can conduct it accordingly. We begin with the areas reviewed and the information needed to get started with the audit, followed by a second section covering the steps involved, how long it will take, and the interference it may have on normal operations. The final section covers the expected results, how often an audit should be conducted, and what action is taken with any discovered issues.
Section 1
The audit will examine your existing security protocols for proper functionality and whether what is currently in place is sufficient to provide you with adequate security. Your firewall, password policies, malware and antivirus, data protection measures, authentication, change management, access control, update and patching practices, and other contributors to an effective security strategy will be reviewed. Looking at the overall governance of the security in place is different from other types of testing and will have a high impact on your security plan's effectiveness. Depending on the criteria set for the audit, information about the systems, processes, and procedures being audited will be needed, including a list of devices, internal documentation, processed data, IT infrastructure, sensitive customer and company data, system logs, and documentation of the security procedures practiced.
Section 2
The audit will start by defining some clear objectives to focus on. The scope of the audit can be determined and then a risk assessment can be done. Each objective is analyzed for its effectiveness and its implementation by staff members. When a gap is discovered, it is documented so that proper measures can be taken to correct it. The effect on normal operations will depend on the depth of the audit, but access to systems and employees will be required. If vulnerability scans and penetration testing are part of the audit, arrangements will need to be made to conduct certain tests that result in the temporary shutdown of a system. Backups will also need to be made to ensure data safety. The process has no real time limit, but to properly prepare, collect data, and create solutions, it could take 1-3 months.
Section 3
Realistically, evaluation of your security should be an ongoing endeavor, but a scheduled security audit should be conducted once a year. The audit report will include results of the devices and systems tested, policies reviewed, vulnerabilities discovered, and recommendations for repair. This report will be produced concurrently with the audit process and will involve collaboration with assigned team members of your organization. Questions can be answered throughout the process, and corrections to high-priority issues can be made immediately. Some solutions will take time to implement and require team member training, but the process can begin the moment a security gap is discovered. Many of the recommendations will include practices to be followed on a regular basis moving forward. If a compliance order is needed to satisfy regulatory requirements, then a specific list of procedures will be acquired and adhered to. Security audits are paramount to keeping your organization's data and network safe.
