Audits – Why You Need a Security Audit Before Ringing In 2015

There’s only 59 days left until Christmas. Considering many of us take on vacations in late December that stretch until New Year, let’s rephrase our initial statement.

You only have 59 days to perform a security audit at your company. Security audits take on many forms depending on what type of firm you own or work for. Here’s a sampling, courtesy of California State University Long Beach:

  • Financial Audits or Reviews
  • Operational Audits
  • Department Reviews
  • Information Systems Audits
  • Integrated Audits
  • Investigative Audits or Reviews
  • Follow-up Audits

The word ‘audit’ has lots of lingering negative connotations. If you’ve ever been subjected to an audit, you know the feeling that hurtles through your body at the mere mention of it. A cold sweat. Pumping heart. Fidgeting hands. Uneasy glances with your co-workers. And that’s even if you have nothing to worry about.

An audit, nonetheless, can feel like an invasion. A fission of distrust. A crack in your foundation with your business. It’s easy to take an audit personally and feel hurt. It doesn’t have to be that way if you show your cards:

If you’re the boss, it’s imperative that you understand how an audit can make your employees feel and find ways to inform them of the what-how-when-where-why’s so that the audit is demystified and that your employees know the audits purpose and mission.

If you’re the boss and you’re being audited by an outside agency or your board of directors, be transparent. Provide them the information they request and understand that audits are a necessary component to successful businesses.

If you’re an employee, ask questions but don’t consider it your job to be your co-workers’ investigative journalist. In most cases, you have a right to ask the what-how-when-where-why’s, and in most cases, your employer has a right to protect that information if, indeed, they are looking for discrepancies. Keep in mind that most employers are aware of your feelings about audits and want them to be handled as efficiently and professionally as possible.

These Companies Could’ve Used a Security Audit

It’s important to remember that an audit provides a real-world snapshot of how your company is running. It’s meant to provide real data that can catapult decision makers into making decisions that can improve the organization as a whole.

These companies are probably wishing they had run some decent audits before making headlines for all the wrong security reasons:

All of these companies probably could’ve benefited from a more thorough security audit of their Information Systems (IS). We’re not saying that they weren’t previously audited. As big as all those businesses are, we’re sure that somewhere along the way someone took a good, hard look at their IS. Hindsight is twenty-twenty, though, and clearly, there were still major gaps in their coverage.

What IS an IS Audit?

The folks at Cal State Long Beach put together a handy resource for anyone looking to better understand IS audits. There are three basic varieties and the Cal State article is so good, we’re going to use a portion of their explanations:

  1. General Controls Review
    A review of the controls which govern the development, operation, maintenance, and security of application systems in a particular environment. This type of audit might involve reviewing a data center, an operating system, a security software tool, or processes and procedures (such as the procedure for controlling production program changes), etc.
  2. Application Controls Review
    A review of controls for a specific application system. This would involve an examination of the controls over the input, processing, and output of system data. Data communications issues, program and data security, system change control, and data quality issues are also considered.
  3. System Development Review
    A review of the development of a new application system. This involves an evaluation of the development process as well as the product. Consideration is also given to the general controls over a new application, particularly if a new operating environment or technical platform will be used.

As 2014 comes to a close (remember – 59 days, yikes!!!!) it’s up to you to take your company’s IS security seriously. One of the ways to do this is by auditing your current system. After all, hackers aren’t going to be deterred by minor smoke screens. If anything, their intelligence will continues to escalate. You have an obligation to protect your company, your employees and your customers’ information. Time’s ticking…..

This entry was posted in Applicant-Entry Solutions, Background Screening, General, Global Solutions, Human Resources, Industry Solutions, News, Seasonal and tagged , , , , , by Patricia Carlson. Bookmark the permalink.

Patricia Carlson is a content writer who specializes in B2C and B2B inbound marketing. She blogs regularly for clients about the background screening and finance industries, and generates newsletters, white papers and email campaigns for a variety of businesses. Patricia also produces a heavy rotation of editorial material for home design, law enforcement, and family magazines. She’s been writing professionally for more than a dozen years, and for Active Screening for more than two of those. Check out LinkedIn for a roster of Patricia’s clients and links to published works. When she’s not interviewing sources or researching trends, she’s living a fast-paced Florida life questioning the antics of her two young children, partner and mischievous cat. Patricia loves to talk tennis and TV on Twitter – give her a shout @pattycfreelance.

Active ScreeningBarbara S.
Healthcare Industry

"Here at Holland Hospital, we have been extremely pleased with Active Screening. The report results come back quickly, usually within 24 hours or less.  The staff at Active Screening is easy accessible, knowledgeable and responds to our questions promptly."

Active ScreeningLynn C. Staffing Industry

"Benton Mobley has been and remains my Main point of contact at Active Screening from the beginning; so aside from the comfort of dealing with the same person all these years, there is the most important fact of all;  customer satisfaction. Benton knows the business like the back of his hand; and that is what we need in our fast paced industry of staffing. He is the all-time BEST!  MY employer, Leslie, believes in the notion that great service deserves to be rewarded, so we are here for the duration.We get immediate and personalized attention for any and all concerns we need addressed, and in the staffing industry, this is vital."

Active ScreeningCayce R. Education Industry

"My experience working with Active Screening for our background check process has been very positive.  The reports are almost always completed in a very timely fashion. The information reported appears to be very thorough and accurate.  On the rare occasions that we have questions or problems, the customer service team is always very quick to respond and resolve the issue.  Overall, I am very pleased with the service I receive from Active Screening."

Active ScreeningCraig H. Staffing Industry

"Your customer service is excellent.  The turn around time on background checks is quite fast.  Excellent work.  I haven't had a single problem."

Active ScreeningJackie C. Education Industry

"I wanted to thank you and your staff for being so patient and working so diligently with the Human Resources staff during our recent endeavor to process all of our work study students through background screenings.  We have never had to process so many requests within such a short period of time before, but thanks to you and your staff we made it. Again thank you, we made a good choice in selecting Active Screening."

Active ScreeningLindsey W.  Financial Industry

"I wanted to share my appreciation for your wonderful service...switching background screening companies could have been a stressful task, but your company made the transition seamless. Your website was extremely easy to navigate and the turn around time has been great. I appreciate when information is missing or entered incorrectly during ordering, your company notifies me right away to ensure that my error does not hold the reports results, causing us a delay in hiring an individual...Active Screening has been great to us and I would definitely refer them to others."

Active ScreeningTerry S. Property Management

"Working with Active Screening over the last year and half has been a wonderful experience. They deliver fast and informative results at the best price. Their level of professionalism and the speed they respond to our issues is a benefit that any company can value from. I would highly recommend using Active Screening and their amazing team."

Active ScreeningYulesis D.  Staffing Industry

“Interactive Response Technologies (IRT) has more than 2,000 employees at multiple locations across the United States. IRT has been using Active Screening to conduct criminal background checks since 2006. During this time, Active Screening has consistently returned accurate reports, usually with less than 48 hours turnaround. If there are any problems or inconsistencies with the reports, their staff has called to notify us so that we can attempt to rectify the situation. The staff at Active Screening is always courteous and congenial over the phone. In our opinion, Active Screening is outstanding.”

Active ScreeningAndy N. Software Provider

 "Active Screening has helped us screen our applicants in record time for more than two years.... we are very impressed with the professionalism and speed with which their service team responds to our questions. They understand our needs and are a pleasure to work with. I highly recommend them."

Active ScreeningCassie J. Staffing Industry

"The Active Screening team is very informative; they provided a complete consultation on all the services, so I understood what I needed, and saved me hours and hours of my time learning the various services. Their reputation, as being on the cutting edge of employment screening best practices, certainly held true in this instance. The expertise they brought to the table was invaluable to our understanding of our applicants backgrounds. I highly recommend Active Screening to anyone with the task of screening large numbers of applicants and needing reliable customer support."

Active Screening

With over 20 years of law enforcement experience I can attest to the fact that the strongest predictor of future criminal behavior is a person’s criminal history. As the manager of campus safety at my church, I depend on Active Screening to provide a thorough assessment of every criminal history background check we request. For more than 3 years, Active Screening has been faithful to this task with timely, accurate and reliable service.

Active Screening

We have benefited from knowing that we are not exposing the communities we work with or ourselves to unnecessary risk. We continue to have a perfect record in that we have never had a serious incident with a trip participant causing harm or acting inappropriately with any community member or fellow team member- thank goodness!

Active Screening

I would highly recommend any association or organization who conducts background checks to use Active Screening. In addition to my involvement with WAHA, I am an officer in a corporation with over 500 employees who provide treatment, mental health, and correctional services for children and adolescents. Our company is mandated by law to do comprehensive background searches and I can say with the utmost sincerity that Active Screening product rivals that of any government or other private sector process.

Active Screening

We have used Active Screening and their solution VERITY to screen all our coaches and volunteers working with youth. The online system gives us an easy and cost-effective solution to collecting forms and payments from our applicants...and we simply login to view the results of who passed or failed. It's so easy....thank you Active Screening.