IT Audit Archives - risk3sixty

How to Provide Audit Evidence

So, you’ve been tasked with providing evidence for an audit. You may be wondering what your auditor is even looking for. Let’s take a look behind the scenes at why [...]

By Kendall Morris|2022-10-05T13:10:59+00:00June 1st, 2021|IT Audit and Compliance|0 Comments

Webinar: SOC 2: Everything You Need to Get a SOC 2 Report

Check out our webinar from Christian White and Christian Hyatt in which they cover the basics of SOC 2 reporting, what to expect during a SOC 2 audit, and why [...]

By Christian White|2020-06-28T20:28:59+00:00July 8th, 2020|SOC Reporting, Webinars|0 Comments

COVID-19 and ISO 27001: What Coronavirus Means for Your Certification Audit

Many organizations have been impacted by office closures during the COVID-19 pandemic. Here's how to maintain your ISO 27001 certification during the crisis. Many organizations are facing the challenge of [...]

By Christian Hyatt|2020-03-23T12:53:11+00:00March 23rd, 2020|ISO 27001 Compliance, IT Audit and Compliance, News and Events|0 Comments

Advice for Taking the CISA Exam (Updated)

Everything you need to know to pass with flying colors. As risk3sixty continues to grow, more members of our team will be taking the Certified Information Systems Auditors (CISA) exam [...]

By Jack Nguyen|2020-07-21T19:20:17+00:00February 3rd, 2020|IT Audit and Compliance|0 Comments

How to Create Effective Policies

How to leverage information security policies into leveling up your security program. People often regard information security policy as a "check-the-box" compliance initiative. Many organizations will copy a policy [...]

By Kendall Morris|2020-08-25T15:40:53+00:00December 16th, 2019|CISO Discussions, Cyber Risk Management, ISO 27001 Compliance, IT Audit and Compliance, SOC Reporting|1 Comment

Craftsmanship in Music and Compliance

If you’ve been on stage for a speech or performing arts, you know stage fright is real. Businesses can get nervous when they hear the word "audit" in the same [...]

By Jack Nguyen|2020-01-23T16:04:08+00:00December 2nd, 2019|ISO 27001 Compliance, IT Audit and Compliance, Regulatory Compliance|0 Comments

Advice for Studying and Passing the CISSP Exam

This past week I sat for the (ISC)2 CISSP exam and passed on my first attempt! With the entire preparation and test taking experience still fresh on my mind, I [...]

By Christian Hyatt|2021-10-21T17:20:00+00:00June 10th, 2016|Cyber Risk Management, IT Audit and Compliance|5 Comments

IT Audit Techniques – Inquiry, Observation, Inspection

The first thing I try to explain to new auditors (or clients going through an audit for the first time) is what techniques IT auditors use to audit. Most people [...]

By Christian Hyatt|2020-08-27T17:37:03+00:00April 13th, 2015|IT Audit and Compliance|1 Comment

Advice for Taking the CISA Exam

This past December I took the ISACA CISA exam and I’m pleased to announce that last week, I got my confirmation letter stating that I passed in the top 10 [...]

By Christian Hyatt|2020-12-03T21:00:40+00:00January 22nd, 2015|IT Audit and Compliance|29 Comments

Pen Testing: Malicious File Execution

What is a Malicious File Execution Vulnerability?Malicious file execution vulnerabilities (also called File Inclusion Vulnerabilities) is a vulnerability that occurs due to user input or uploads to websites not being [...]

By Christian Hyatt|2021-03-05T18:23:08+00:00January 8th, 2015|Cyber Risk Management|5 Comments

12 Next