From the course: CompTIA Security+ (SY0-601) Cert Prep: 10 Governance, Risk, and Compliance

Audits and assessments

- [Instructor] Audits and assessments provide organizations with an opportunity to evaluate their security controls to ensure that those controls are functioning properly and that they're effectively protecting the confidentiality, integrity and availability of information and systems. Now audits and assessments are similar in both purpose and function. Both involve evaluating security controls, reporting on their effectiveness, and making recommendations for improvement. The main difference lies in the purpose of the review. Assessments are generally performed by or requested by an organization's IT staff. Audits are generally performed at the request of someone else, such as a regulator, executive, or board of directors. When an organization undergoes an audit, the auditors follow a formal standard and perform planned tests that are designed to determine how well the organization complies with the standard. No matter what…
