- Assess the organization's needs
- Develop policies to meet these needs
- Implement these policies
- Train the employees accordingly
- Perform an audit to ensure the above items are in compliance.
The methodology used by the auditor can vary depending on the scope and requirements of the audit. In addition, many auditors are also now certified by the Information Systems Audit and Control Association, or ISACA, which is a great organization.
Dig deeper on Network Administration
Related Q&A from Michael Gregg
Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ...continue reading
Expert Michael Gregg answers a reader question about Snort and the interfaces it uses.continue reading
Security expert Michael Gregg notes the risks to enteprise security that mobile devices may cause.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.