I went to a recent meeting of the North Texas chapter of ISACA, and there was a presentation on SSAE 18. For those of you who don’t know, SSAE 18 supersedes SSAE 16, and consolidates Service Organization Controls reporting into something more manageable. Here, I’ll talk about what I’ve learned about SSAE 18, SOC 1, […]
All the posts associated with the "audit" tag.
Learning About Setting Controls for I.T. Assets
In my pursuit to get into the information technology (IT) audit field, I must learn about setting controls for securing IT assets, minimizing risk, and eventually testing that said controls work. In major organizations where information flows constantly and is utilized to advance the organization’s goals, ensuring that the information and knowledge are accurate, intact, […]
Dealing With the Internet of Things
The other day, I attended a meeting of the North Texas chapter of ISACA. There, the information technology veteran, Austin Hutton, gave a presentation on the dangers of the Internet of Things (IoT). I have written about the IoT and how it can be used to devastating effect. One of the problems that Hutton talked […]
Wondering About Risk Assessments
Since I have little knowledge on audits (only from what I learned in college), I have been reading up on the finer details of an audit. I came across this documentation on the methods of carrying out a risk assessment in an audit. The article lists three options for performing a risk assessment (though there […]