Elements and Performance Criteria
- Plan security audit
- Identify the scope and objectives of the audit and prepare an audit plan to meet the objectives.
- Identify the organisation’s information systems to be included in the audit plan.
- Advise appropriate personnel of the audit plan and its requirements.
- Identify and prioritise possible sources of security risk and prepare an audit checklist.
- Conduct security audit
- Report on security findings
- Maintain audit records and prepare audit reports.
- Produce report including background, scope, outcomes and recommendations.
- Use language and style to suit the audience and in line with organisational requirements for accuracy and timeliness.
- Support recommendations with evidence and highlight actions identifying person/s responsible for implementation.
- Plan security audit
- Identify the scope and objectives of the audit and prepare an audit plan to meet the objectives.
- Identify the organisation’s information systems to be included in the audit plan.
- Advise appropriate personnel of the audit plan and its requirements.
- Identify and prioritise possible sources of security risk and prepare an audit checklist.
- Conduct security audit
- Report on security findings
- Maintain audit records and prepare audit reports.
- Produce report including background, scope, outcomes and recommendations.
- Use language and style to suit the audience and in line with organisational requirements for accuracy and timeliness.
- Support recommendations with evidence and highlight actions identifying person/s responsible for implementation.