Guide: How to Pass an IT Audit

Thursday, September 01, 2011

Sasha Nunke

6429389c5e8a4c9555be876f8484331a

Free Guide: How to Pass an IT Audit

This guide covers the steps and procedures to passing an IT GRC audit — as told by an enterprise end-user who deployed QualysGuard Policy Compliance:

As a lead security analyst at a large Fortune 500 financial institution, we’re subject to many audits of our IT security.

After trying several tools for Governance, Risk and Compliance, we recently switched to QualysGuard Policy Compliance as a practical way to automate management of IT controls, verify compliance with policy, and document everything for auditors.

We were already a satisfied user of QualysGuard Vulnerability Management, so it made sense to leverage those automated asset and vulnerability scanning capabilities that are integrated with the QualysGuard platform.

We put QualysGuard PC straight to use on a pending audit of our UNIX environment, which hadn’t done so well in the previous examination.

Deployment was painless and our security team loved the easy to use capabilities that freed their time to focus on policy creation and testing.

Most important: we passed the audit. The purpose of this document is to pass along tips we learned that may be useful as you consider adopting QualysGuard PC.

Download this Free White Paper HERE

More Complimentary White Papers Available from Qualys:

Avoiding 7 Common Mistakes of IT Security Compliance

Web Application Security: Minimizing the Risk of Attacks

Strategies For The Efficient CISO

The Big Shift to Cloud-Based Security

Top 10 Reports for Managing Vulnerabilities

Managing Risk and Keeping Your Network Secure

Understanding and Selecting a Database Assessment Solution

Possibly Related Articles:
5709
General
Information Security
Compliance Enterprise Security Governance Security Audits Guidelines Qualys
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.