September Monthly Meet

Document the finding and present it to management

Determine if a root cause analysis was conducted

Confirm the resolution time of the incidents

Validate whether all incidents have been actioned

Incident alert meantime

Number of incidents reported

Average time between incidents

Incident resolution meantime

Ensure the intrusion prevention system (IPS) is effective

Verify the disaster recovery plan (DRP) has been tested

Assess the security risks to the business

Confirm the incident response team understands the issue

Review previous system interface testing records

Document the finding in the audit report

Review relevant system changes

Review IT testing policies and procedures

Risk management metrics

External audit findings

Results of vulnerability assessments

The organizations security incident trends

location of the firewall within the network

firewall standards

firmware version of the firewall

configuration of the firewall

To increase backup resiliency and redundancy

To reduce costs associates with backups

To improve key availability metrics

To minimize the backup time and resources

The system does not have a maintenance plan

The system contains several minor defects

The system deployment was delayed by three weeks

The system was over budget by 15%

Audit risk

Consideration of risks

Assessment of prior audits

Business strategy

Database integrity checks

Validation checks

Input controls

Database commits and rollbacks