Pub. 15 2020-2021 Issue 1
WWW.NEBANKERS.ORG 24 For more information, contact Reece Simpson at 605-270-3916 or reece. simpson@sbscyber.com . SBS delivers unique, turnkey cybersecurity solutions tailored to each client’s needs, including risk management, consulting, on-site and virtual auditing, network security and education. Learn more at www.sbscyber.com. process. An added bonus of your virtual engagement is that your IT auditor is not spending time traveling, meaning there should be an increase in the efficiency of the audit process from start to finish. Here are three common questions and solutions to note when conducting a virtual IT audit. Question 1: Can the IT auditor communicate effec - tively if the service is performed virtually? Answer: Communication is important for all services; however, in a virtual IT audit, communication is absolutely vital to the value that the organization gets from the engage- ment. A virtual IT audit should utilize several different com- munication channels such as online meetings (with screen sharing and conference call capabilities), video conferencing (when available), email, secure information sharing portals, phone calls, and text messages to ensure the quality of the process. Communication expectations should be set up front with your auditor. Question 2: What about the availability of the audi - tor vs. our in-house staff? How does that work? Answer: When an auditor is on-site it is easy to get ac- cess to your team for interviews, questions and concerns. When the auditor is virtual, it’s even more important that the auditor gets access to the staff and information needed to conduct the audit. With a virtual IT audit, a schedule should be created for the duration of the audit that encompasses the topics and ISP com- ponents to be reviewed, interview times for your staffmembers, regular check-ins with your team, and a formal Exit Meeting to discuss findings and recommendations. Question 3: What about physical security checks? How can you validate physical security controls if you’re not on-site? Answer: Physical security is a very important component in an information security program and needs to be addressed even in a virtual IT audit. Physical security can be reviewed and assessed through the use of video or photos of each physical control to ensure the completeness of the audit. If you have the ability to turn on a webcam and walk your IT auditor around your physical premises virtually, that’s the preferred option. Don’t push off the your IT audit until later. Stay ahead of cybersecurity threats and incidents with a virtual IT audit. Virtual IT Audit — continued from page 23 B A N K E R S ’ B A N K • O F T H E W E S T • WE CHAMPION COMMUNITY BANKING MARLENE WADE TRACI OLIVER TARA KOESTER LEE ANDERBERY IN BUSINESS TO FURTHER YOUR BUSINESS YOUR ADVOCATES: Nebraska’s correspondent team BBWEST.COM 411 South 13 th Sreet | Lincoln, Nebraska | 402-476-0400
Made with FlippingBook
RkJQdWJsaXNoZXIy OTM0Njg2