Network Security Audit Risk Assessment Information Security Consulting Computer Forensics

 

Top 10 Audit Questions to Ask your IT Auditor

The following are the Top 10 questions you should ask your IT auditor.  Discover the Top 10 ways Altius IT adds business value.

1. Who can perform security audits?
If you need an audit, the work must be performed by an "auditor", not just a consultant.  Security consultants can consult, but they aren't certified as auditors.  As a Certified Information Systems Auditor (CISA), Altius IT is board certified by the Information Systems Audit and Control Association.

2.  How do I get compliance certified?

To meet compliance requirements, you must use an auditor that is certified to audit and assess your systems.  Altius IT provides Certified Information Systems Auditors as a part of each engagement.

3. Are you independent?

Auditors must be independent and not influenced by a prior working relationship with your organization.  In other words, individuals that provide IT services (in-house or outsourced) to your organization can't also be your IT auditor.  By being independent, Altius IT remains unbiased and doesn't have preconceived agendas that may not be in your best interests.

4. Do you specialize in audits?

Altius IT specializes in providing audit, assessment, security, risk management, and compliance services.  We know that each environment is unique.  We customize our services to ensure the right things are being done the right way in a cost effective, efficient, and secure manner.

5.  What is your audit experience?

Altius IT's staff has the certifications and experience.  Since 1993, we've performed over 1,000 audits and assessments.  Our experienced auditors understand the importance of evaluating technology systems and configurations, people, and processes.  All three must be examined to help you identify, manage, and reduce your risks.

6.  How is the engagement managed?

Each engagement is overseen by an Altius IT project manager with 30 years of management and technical experience.  Altius IT staff are directly supervised and directed by the project manager to ensure your goals, objectives, and deadlines are met.  See the Altius IT Roadmap (AIR) for an overview of the audit process.

7.  What type of deliverables (reports) do I get?

Many companies provide computer report dumps that have little meaning to executives and business professionals.  Altius IT's deliverables provide real value:

  • Assessment Report - a report of our findings and evaluation of risks.  Our assessment report reviews over 50+ different subject areas.
  • Action Plan Report - we analyze the information in our Assessment Report and prepare a risk response action plan plan with prioritized recommendations and steps to manage your risks.
  • Compliance Letter - if requested, Altius IT can provide you with a Compliance Letter, stating that your systems meet minimum standards and compliance requirements.

8.  What auditing standards are used when assessing our firm?

As an active member of the Information Systems Audit and Control Association (ISACA), Altius IT's compliance audits and assessments help ensure your organization meets industry standard best practices. 

9.  What are your certifications and affiliations?

Members of the Altius IT audit team hold the following certifications, qualifications, and affiliations:

  • Management qualifications - each Altius IT project manager has over 30 years of project management and technical experience.
  • Auditor qualifications - our auditors hold many certifications including Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC), and Certified in the Governance of Enterprise IT (CGEIT).
  • Technical certifications - Altius IT's engineers hold many certifications including Certified Information Systems Security Professional (CISSP the world's leading qualification in information security), Microsoft Certified Systems Engineer (MCSE), Certified Cisco Network Administrator (CCNA), Intrusion Prevention Professional, VMWare Certified Professional (VCP), Altiris Certified Engineer (ACE), and many others.
  • Professional associations - Altius IT is a member of the Information Systems Audit and Control Association (ISACA), Association of Contingency Planners (ACP), Technology Professionals Association (TPA), and Association of Professional Consultants.
  • Academic qualifications - Master of Science in Management Information Systems (MIS), Bachelor of Science in Management.
  • Recognition - Altius IT has been featured on national television and in over 40 publications including the Wall Street Journal, USA Today, Business Week, the Los Angeles Times, and many others.  For more information, please visit In the News.

10.  Why should we choose your firm?
You need a firm that understands your industry and technology systems.  Altius IT has performed hundreds of audits and assessments.  We understand the underlying technologies that support your business functions.  We are familiar with the various threats and vulnerabilities associated with your business processes, people, and technology systems.

Concerned about the environment?  Altius IT is 100% carbon neutral.  We've worked hard to create an environmentally friendly business that meet the needs of our clients. At Altius IT, we pride ourselves on providing best-in-class eco friendly green assessments – saving our client’s money while saving the environment. All because it's the right thing to do for our community, our clients and our business. Discover the Top 10 ways Altius IT adds business value.

 

Take our Challenge.   Copyright © 2006-2012 Altius Information Technologies, Inc.  All rights reserved.    On-line Support.    Privacy.    Site Map.    Contact Us.