ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    What to ask for in a Cybersecurity Auditor ...

    IT Discussion
    cybersecurity audit
    6
    8
    855
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BraswellJay
      last edited by

      I've been asked to get a few quotes for a cyber security audit. Apparently the cyber insurance coverage that we've been carrying is going to require an audit prior to allowing us to renew the coverage when the current policy term expires later this year.

      What are some things I should make sure to inquire about from perspective auditor vendors to make sure we cover as much bases as possible?

      Any other tips or suggestions would also be appreciated.

      Thanks.

      notverypunnyN scottalanmillerS 2 Replies Last reply Reply Quote 0
      • notverypunnyN
        notverypunny @BraswellJay
        last edited by

        @braswelljay Check with the insurance carrier to see if there's any credentials / certifications etc that they require your auditing company to have. It'd suck to go through the audit only to find out that it didn't meet the insurance company's requirements.

        IRJI 1 Reply Last reply Reply Quote 2
        • IRJI
          IRJ @notverypunny
          last edited by

          @notverypunny said in What to ask for in a Cybersecurity Auditor ...:

          @braswelljay Check with the insurance carrier to see if there's any credentials / certifications etc that they require your auditing company to have. It'd suck to go through the audit only to find out that it didn't meet the insurance company's requirements.

          I agree. Make sure the audit meets insurance requirements.

          DashrenderD 1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @IRJ
            last edited by

            I'm dealing with something similar. While they don't require an audit, they are requiring a list of items be done. I plan to work with them closely to make sure the options we choose fulfill their requirements.

            1 Reply Last reply Reply Quote 0
            • travisdh1T
              travisdh1
              last edited by

              Let us know if you find a competent auditor. I've worked in IT for quite a few years and have yet to meet/find a decent auditor.

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @travisdh1
                last edited by

                @travisdh1 said in What to ask for in a Cybersecurity Auditor ...:

                Let us know if you find a competent auditor. I've worked in IT for quite a few years and have yet to meet/find a decent auditor.

                Do you want competence? Or do you want an auditor? You need to choose.

                travisdh1T 1 Reply Last reply Reply Quote 2
                • scottalanmillerS
                  scottalanmiller @BraswellJay
                  last edited by

                  @braswelljay said in What to ask for in a Cybersecurity Auditor ...:

                  What are some things I should make sure to inquire about from perspective auditor vendors to make sure we cover as much bases as possible?

                  Really "will it be covered by your insurance" and "how much does it cost" are all that matter. Insurance audits have little to no purpose outside of the insurance aspect of it. They aren't about security or good practice or anything of the sort. Don't want resources trying to find a unicorn that doesn't exist. Just make your insurance people happy.

                  1 Reply Last reply Reply Quote 2
                  • travisdh1T
                    travisdh1 @scottalanmiller
                    last edited by

                    @scottalanmiller said in What to ask for in a Cybersecurity Auditor ...:

                    @travisdh1 said in What to ask for in a Cybersecurity Auditor ...:

                    Let us know if you find a competent auditor. I've worked in IT for quite a few years and have yet to meet/find a decent auditor.

                    Do you want competence? Or do you want an auditor? You need to choose.

                    Exactly, lol!

                    1 Reply Last reply Reply Quote 0
                    • 1 / 1
                    • First post
                      Last post