- Assess the organization's needs
- Develop policies to meet these needs
- Implement these policies
- Train the employees accordingly
- Perform an audit to ensure the above items are in compliance.
The methodology used by the auditor can vary depending on the scope and requirements of the audit. In addition, many auditors are also now certified by the Information Systems Audit and Control Association, or ISACA, which is a great organization.
Dig deeper on Network Administration
Related Q&A from Michael Gregg
Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ...continue reading
Security expert Michael Gregg discusses the disadvantages to a layered approach to enterprise security.continue reading
Security expert Michael Gregg fields a question about unknown network cards gaining access to a user's network.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.