We continue the series of articles by Nick Cavalancia on our blog. The previous post was dedicated to Event Logging, today we are going to talk about general approach to IT Audit.
An IT Audit is, generally speaking, a reactive activity. Some compelling event occurs – a security breach, a critical system has issues, or it’s that time of year again to care about compliance – and you’re going to be required to produce copious amounts of meaningful reports to answer every question an auditor presents you with.