Imagine Having Your Audit Reports Published For All The World To See…
Following multiple security incidents, the FDIC has made their audit reports available to the public.
An article review.
Here in the private sector, we can sometimes take for granted the confidentiality agreements that restrict access to our audit reports and other compliance related information–but what if they were available to any interested parties? That’s exactly what the FDIC has done, as our friend Roger Chalkley pointed out to us recently.
While many of us may prefer to keep the results of such reports private there are some benefits to disclosure. Third parties can use the information disclosed to avoid their own potentially costly mistakes, and transparency–even when having to disclose issues–can help to put the minds of clients at ease. There are still compelling reasons to maintain confidentiality regarding the results of audits of course, but being able to see how “the other guys” handled an incident (or didn’t handle it, in the case of the FDIC!) can provide useful insight.
The full PDF version of the Inspector General’s report can be found here.
Original article by Derek Johnson writing for FCW.
Leave a comment
Many organizations spend time and money deploying endpoint protection, then think the Read more
Some small organizations continue to use customer data to generate initial passwords, Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more
Risk isn’t the only thing to consider when planning a decision tree. Another one of t Read more