Security audit and assessment statement 2: The Security Audit Questionnaire was designed primarily to help evaluate the
Question:
Security audit and assessment statement 2: “The Security Audit Questionnaire was designed primarily to help evaluate the security capabilities of the organization. It is important to find out the current security capabilities of a company to be able to develop systems and procedures that will help make it more efficient. That is why a questionnaire is required to gain all the information required for performing such a crucial assessment."
Refer to the given statement above:
a. Identify the steps for creating a good security audit questionnaire.
b. Following the standard from ISO 27002 2005, create a security audit questionnaire related to Information Security Incident Management Audit for an IT Department at the Healthcare organization.
Auditing and Assurance services an integrated approach
ISBN: 978-0132575959
14th Edition
Authors: Alvin a. arens, Randal j. elder, Mark s. Beasley