How to Take the Geek Factor Out of IT Auditing

In this guide, Gary Marland shares insights on bridging the gap between technical jargon and everyday language in IT auditing. Explore strategies to communicate effectively and demystify complex IT concepts. Learn how to make audits more accessible and engaging for all stakeholders.

• IT Auditing
• Communication
• Geek Factor
• Technical Concepts
• Stakeholder Engagement

mar_buc Follow

Uploaded on Feb 20, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. How to take the Geek Factor out of IT Auditing Gary Marland 1 Salford City Council

2. Contents Me Normal v Geek Language Barriers Grey Jobs 2 Salford City Council

3. Why Always Me 3 Salford City Council

4. Normal v Geek Traditional Audit v IT Audit Mainstream Audit v Technical Audit Business Audit v Information Systems Audit 4 Salford City Council

5. Geek - Definition An unfashionable or socially inept person. A carnival performer who performs wild or disgusting acts. A knowledgeable and obsessive enthusiast. "a computer geek" 5 Salford City Council

6. The Language barrier 6 Salford City Council

7. Choosing the right Language Ohay gozaimasu, watashinonamaeha geir , watashi wa ky koko de anata o 1- jikan tanoshima sete imasu 7 Salford City Council

8. Choosing the right Language Bon dia, el meu nom s Gary i jo s c aqu avui per entretenir durant una hora 8 Salford City Council

9. Choosing the right Language Buenos d as, mi nombre es Gary y estoy aqu hoy para entretenerte durante una hora 9 Salford City Council

10. Choosing the right Language Good morning, my name is Gary and I am here today to entertain you for one hour. 10 Salford City Council

11. White Grey Black Jobs 11 Salford City Council

12. Software Licensing 12 Salford City Council

13. Software Licensing Key risks; Financial penalties License breaches Reputational damage Efficiencies 13 Salford City Council

14. Software License audit FAG Find the right person Ask basic questions Get the answers 14 Salford City Council

15. Software License audit Find the Spanish techie rather than the Japanese techie Ask basic questions 1. 2. 3. 4. 5. 6. Send me a spreadsheet with all that information ..PLEASE What IT systems do you have that need a license? How many licenses did you purchase for each system? What Type of licenses do you purchase? Who uses them? How much do they cost? When were they last used per user? 15 Salford City Council

16. Software License audit Using IDEA or Excel tidy up the data Target data sets 1. Based on cost 2. Volume 3. Known issues Check actual license purchase records Compare Actual used to purchased. 16 Salford City Council

17. Software License audit Sample - SAP 10 x Developer 1. 2. 400 x Professional 1. 2. 200 x Limited Professional 1. 2. 2500 Occasional 1. 2. 1000 Self Service 1. 2. Purchase 2500 Annual 500 Purchase 1500 Annual 300 Purchase 600 Annual 150 Purchase 300 Annual 75 Purchase 40 Annual 20 17 Salford City Council

18. Data Centres What are they? What do they do? What is stored there? Why are data centres so important? 18 Salford City Council

19. Data Centres What are they all about? Store all the most sensitive and personal data for the Organisation The engine of the IT department Costs a fortune to run 19 Salford City Council

20. Data Centres What are the key risks? Data loss Service loss Financial inefficiencies 20 Salford City Council

21. Data Centres Physical and Environmental Security Controls Make sure it s secure from data loss Make sure it s protected from service loss 21 Salford City Council

22. Data Centres Physical Security Lock it Restrict it Monitor it Structurally secure it 22 Salford City Council

23. Data Centres Environmental Security Power UPS Back up generator Cooling Flood Air Quality, temperature, Sound, Humidity, etc Fire Electro magnetic disturbances Structure, equipment positioning, flooring, etc 23 Salford City Council

24. Remote Access Policies and Procedures 3rdparty access User access management Security Monitoring Change control 24 Salford City Council

25. Penetration testing Ethical hacking Blagging (Social Engineering) 25 Salford City Council

26. Social Engineering How to determine your Star Wars Star Wars name How to determine your name For your new first name: Take the first 3 letters of your 1st name and add the first 2 letters of your last name For your new last name: Take the first 2 letters of your mum's maiden name and add the first 3 letters of the city you were born 26 Salford City Council

27. Social Engineering GARMA HAMAN 27 Salford City Council

28. Social Engineering How to determine your Bond Girl Bond Girl name How to determine your name For your new first name: Name of your first pet For your new last name: The name of your first school 28 Salford City Council

29. Social Engineering Your mother s maiden name Your full name Name of your first pet The City you were born Name of your first school 29 Salford City Council

30. Summary Have a go Have the usual opening meeting Google the techy bits Clarify If you have a problem, if no one else can help, and if you can find them....maybe you can hire The A Salford Team 30 Salford City Council

31. Questions Gary Marland IT Audit Client Manager Salford Internal Audit Services DD E E Salford City Council 3rd Floor Civic Centre, Chorley Road, Swinton M27 5AW T T DD 0161 607 6974 gary.marland@salford.gov.uk Salford City Council 31 0161 794 4711 Salford City Council