Cyber-security testing controls are more accessible than ever, making it an opportune time for IT audit teams to adopt their own techniques and become more independent rather than continuing to depend on outside penetration testers.
During the IIA’s General Audit Management virtual conference held last week, Nathan Anderson, senior director of internal audit at fast food chain McDonald’s, discussed common cyber-security questions leadership often asks and how to answer them; the tools and knowledge internal audit needs to test cyber-security controls; and the most effective methods for internal audit to adopt to become an independent cyber-security testing function.
