Hacker News
by raesene9 1862 days ago
It's an inevitable part of the way IT Audit is structured. Standards are necessarily abstract from specific systems (so don't always apply well) and updating standards is a slow process.

The auditors themselves are often tasked with reviewing a massively disparate group of systems, so there's no way they could become subject matter experts in each one.

So the result is a checklist approach, especially as most compliance tasks are pass/fail.