From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance

Audits and assessments

- [Instructor] Audits and assessments provide organizations with opportunities to evaluate their security controls to ensure that those controls are functioning properly and effectively protecting the confidentiality, integrity and availability of information and systems. Audits and assessments are similar in purpose and function. Both involve evaluating security controls, reporting on their effectiveness and making recommendations for improvement. The main difference lies in the purpose of the review. Assessments are generally performed by or requested by an organization's IT staff. Audits are generally performed at the request of someone else, such as a regulator, executive or board of directors. When an organization undergoes an audit, the auditors follow a formal standard and perform planned tests designed to determine how well an organization complies with the standard. No matter what type of audit or assessment is taking…
