I haven’t seen many engineers who know the first thing about controls. But it’s literally most of what internal audit, compliance, privacy & risk people do.
How about an export feature from Archer or <name your internal audit tool here> that would save everyone a bunch of time and effort.
The other issue is that most of these client audits are a word or excel doc. Throwing your SOC back at them doesn’t work in most cases.
How about an export feature from Archer or <name your internal audit tool here> that would save everyone a bunch of time and effort.
The other issue is that most of these client audits are a word or excel doc. Throwing your SOC back at them doesn’t work in most cases.