How many unauthorized data exfiltration attempts have been detected recently by the organization's Data Loss Prevention (DLP) system? What percentage of the organization's business systems are not utilizing host based Data Loss Prevention (DLP) software applications? Whether it was a customer request or a conversation with an examiner, they expected a detailed answer broken out by business unit. If you manage compliance, you are accountable to these answers.
Does Audit Make us Secure? Presented at ISACA SV Spring Conference, May 15th, 2015
Robin Basham, M.Ed, M.IT, CISSP, CISA, CRISC, CGEIT, HISP, CRP, VRP
Founder EnterpriseGRC Solutions
Companies that passed audit and had a major breach