O'Reilly logo

Auditing IT Infrastructures for Compliance by Michael G. Solomon, Martin Weiss

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4. Auditing Standards and Frameworks

CONDUCTING AUDITS AND ASSESSMENTS is challenging in the absence of a standard against which to audit or assess. Two concepts that are helpful include control objectives and control activities. Control objectives, despite the rapid evolution of technology, remain mostly constant. These tend to be high level and describe the goal for the organization. Control activities provide details on how to achieve the goals of the relevant control objective. There is no such thing as a one-size-fits-all framework or standard. Frameworks and standards simply provide the building blocks and guidance needed for organizations to tailor them to their specific needs. They are useful for guiding the control objectives ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required