The Growing Demand for IT Security Auditing

Risk = Threats × Vulnerabilities × Impact

Security officers, risk management professionals and auditors must rely on the effectiveness of IT security. Security-related controls form a large part of the general controls structure, enabling organizations to rely on automated controls in applications such as financial reporting systems. Moreover, IT auditors and compliance professionals are often responsible for performing security audits in order to identify policy and regulatory compliance issues (e.g., Sarbanes-Oxley, Basel II Accord) and unacceptable risks.

This white paper describes the drivers for better IT security auditing, the problems with current approaches and how to automate IT security audits.

Download White Paper