There is a juncture where a maturing cybersecurity program will experience an audit, where policies and procedures will be evaluated for accuracy and adherence. While it’s important to compose effective governance documents, Dale Peterson suggests that concurrently developing your cybersecurity audit program has equal benefits. Incorporating audit testing criteria during development should help identify the “must” policies versus the “shall” guidance often found confusingly intertwined in governance documents. Dale suggest multiple benefits to this combined approach, including the identification of unclear and potentially impractical security requirements. Furthermore, inclusion of audit tests could reduce the time and cost of an audit. Read more at Dale Peterson.
You are here
Related Resources
Jun 28, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Jun 27, 2024 in Cybersecurity, in Security Preparedness
Jun 27, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness