Cyber Security Auditing
Get the Breach Statistics and Analysis on Your Industry
Today’s business world is full of cyber breaches, with attackers bypassing conventional security deployments to steal data and disrupt operations. Which industries have been hit the hardest? Which have experienced the largest increase in attacks? What type of malware is being used to breach enterprises?
Industries hit the hardest
- The most targeted industries, including retail, auto and transportation, as well as healthcare and pharmaceutical
- Industries with the largest increase in security breaches such as legal, high tech, along with services and consulting
- The most common threats to one of the most targeted industries: retail, Banking, Healthcare, online shopping
DEPLOGY Audit Objective
The objective of the audit/assurance review is to provide management with an independent assessment relating to the effectiveness of cybercrime prevention, detection and incident management processes, policies, procedures and governance activities. The review will focus on cybercrime management standards, guidelines and procedures as well as the implementation and governance of these activities. The audit/assurance review will rely upon other operational audits of the incident management process, configuration management and security of networks and servers, security management and awareness, business continuity management, information security management, governance and management practices of both IT and the business units, and relationships with third parties.
IT audit and assurance professionals are expected to customise this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional; it is not intended to be a checklist or questionnaire. It is assumed that the IT audit and assurance professional has the necessary subject matter expertise required to conduct the work and is supervised by a professional with the Certified Information Systems Auditor (CISA) designation and/or necessary subject matter expertise to adequately review the work performed.