Skip to Content

GTAG: Auditing Cybersecurity Operations: Prevention and Detection

Global Technology Audit Guides May 20, 2022

Cybersecurity operations can be categorized into three high-level control objectives: security in design, prevention, and detection.

GTAG_Auditing_Cybersecurity_Ops_cover_w_border.pngStakeholders must be able to rely on internal audit’s independent, objective, and competent assurance services to verify whether organizational cybersecurity operations controls are well-designed and effectively and efficiently implemented. The internal audit activity adds value when it provides such services in conformance with the Standards and with references to widely accepted control frameworks, particularly those used by the organization’s IT and IS functions.