User Experience: Using the Tools and Information Available to REALLY Get Effective Audit Results
Project and Program: Enterprise Data Center
, Security and Compliance
, SHARE San Jose 2017
Currently, z/OS audits are often exercises in checking if forms are filled out and passwords are changed, along with other check list steps that involve hopeless comparisons with DISA STIGs by audit staff with little familiarity with z/OS. In reality, the tools needed to perform effective reviews of z/OS controls are in use and readily available to the auditors willing to roll their sleeves up and make an effort to get REAL audit results. The information presented in this session will be especially useful to those engaged in the performance of audits and those who are subject to audit and wish to be prepared to engage auditors with system realities instead of stacks of signed access request forms, change control approvals, and endless collections of compliance documentation.
In this session, our speaker will step through how to use the tools in place and the information already in use to run the data center to support an effective audit.-David Hayes-US Government Accountability Office
Back to Proceedings File Library