Over the past few months I’ve had several leaders of Internal Audit departments ask: “How can we build cyber-security into our annual audit plan?”
After a few conversations I decided to put together a whitepaper to help the less-than-technical Chief Audit Executive (CAE) put together a well thought out IT Risk Assessment that helps identify and prioritize potential audit projects that tackle the subject of IT risk.