There are many ways that information security and internal audit departments can work together. This session will explore the successful model that RIT has used to drive several IT security audits. Areas of discussion will include using InfoSec resources to complement audit resources and handling the politics of the two groups working together, as well as audit planning, technical interpretation and advisement, vulnerability, and penetration testing. The benefits of this relationship will be explored in-depth.
Enterprise Information Security Lead Engineer, Rochester Institute of Technology