The information technology ecosystem serves as the nervous system of your organization. For those who bear the responsibility for evaluating the health of IT programs and systems, one of the most daunting challenges they will face is determining where and how to focus their precious and finite resources. If the goal is to provide the maximum level of assurance that the organization is doing the right things with those limited resources, it is imperative that attention is placed on the areas that are most critical to achieving that end. This session will explore the various approaches and options for performing risk assessment activities that drive a focused and meaningful IT Audit Plan. We will review concepts and approaches related to defining this crucial audit space, including top-down vs. bottom-up evaluations, the various data and criteria that can be leveraged to drive assessment results, and how to carry out holistic assessments for all key IT areas, including security, operations, consumer interaction, finance, regulatory compliance and risk management.
This webinar will be presented as part of the BSides Oklahoma 2021 – Information Security Conference.