... or perhaps you will?!
"How is this going to be beneficial to me?"
"Here we go again, advice from people who don't know our business like me"
"This is going to be soooo time consuming"
So why not get ahead of the game and run a DIY Audit first?
Your Audit is scheduled, but – where to start and what to do? Even – what questions will the Auditor be asking? The ALLOut DIY Audit gives you a clear set of guidelines as to what an Auditor is going to be looking for. And then – step by step – you can analyse your existing set-up and know where your vulnerabilities are.
Typically you will cover – Segregation of Duties (SOD) - you need to know what SOD risks the auditors are likely to focus on – and you need to know if you have any exposure. The DIY audit will provide you with a comprehensive report on your set-up and if the exposure is high/medium/low risk.
Your profiles – are they redundant/dormant.
When was the last sign-on? – maybe the user has left.
Comprehensive reporting gives you the opportunity to clean everything up and then re-run the reports. Security set-up, use of multiple roles – is it “best practice”, what change control do you have in place? And because it is DIY – you get a chance to fix it – and re-run the reports. No embarrassing questions and no write-up. Get ahead of the game – get the fix before you get the pain!