by Erik T. Heidt | September 25, 2013 | Comments Off on New Self-Audit Toolkit
In “Achieving IT GRC Success“, Gartner recommended that enterprises consider six core activities in the Execution phase of the IT GRC practice.
- Risk Assessment
- KRI Measurement and Management
- Ad Hoc Risk Decision Support
- Compliance Management
- Audit Support
- Policy Management
There are many aspects of Audit Support that are discussed in the document, and one of them is creating a partnership between the IT GRC practice and IT operations groups to improve audit outcomes through mock-audits and pre-audit preparation. My colleague Khushbu Pratap, who is a member of Gartner for IT Leaders Governance, Risk and Compliance research group, has just published a toolkit “Toolkit: Avoid Audit Headaches by Planning an Information Security Self-Audit” to jump start or improve self-audit capabilities. The toolkit includes useful resources such as a PowerPoint presentation on self-audit planning and a sample self-audit plan in an Excel worksheet.
Check it out.
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.