An IT audit using policy-management involves the following steps:
• Choosing or setting up a policy. Many industry-standard and in-house developed methods/tools will be used to help the organization develop/put forward a policy.
• Identifying the systems to be audited. A very important phase that will provide raw but valuable data to the IT process as security administrators and auditors will be determining which policy applies to which system/s.
• Scheduling or activating a scan. During this scan, software and otherwise tools will gather data from each machine over the network. Scans can be performed interactively or scheduled to run at a particular time.
• Presenting the report. Auditors are responsible for reporting the findings and presenting the results to the management
More Services