Security Compliance Audit Adoption and Best Practices 2016

December, 2016


Periodic audits of IT security policy compliance are a mandate for many organizations, particularly those that process and store personal data such as patient information and customer financial records. This study examines the extent to which IT organizations have made use of IT security policy audits and measures the level of engagement in the practice. We also look at how adoption of this best practice differs by organization size and sector. Finally, we provide recommendations for monitoring the success of security audits. (15pp., 5 fig.)
[Research Byte]