You are at a restaurant eating lunch with a friend. After the meal, your friend realizes they left their wallet at home. Your friend gives you a piece of silver….
Would you be inclined to advise your Company go through such type of audit, yes or no? Explain your position.
The Company you work for is in the process of determining whether to have an information security audit (ISA) performed. Even though the Company is not (yet) required to have an ISA for compliance purposes with laws, rules, and/or regulations, they are very aware of the benefits such audit can provide. However, they also know how pricy these specialized audits are. Would you be inclined to advise your Company go through such type of audit, yes or no? Explain your position. List 10 sources for audit tools, best practices, and/or relevant audit information when performing information security audits that were discussed in this chapter.