30 Days of IT Compliance Q&A #1: How Do I Prepare for a Compliance Audit?

For the next 30 days we will address questions about I.T. compliance … and how you can take the pain out of staying compliant. Do you have an I.T. compliance question you’d like us to answer? If so, we’d love to hear from you!  

These questions may span many compliance mandates, including PCI DSS, HIPAA, SOX, ISO and more, or they may be specific to a particular mandate like FERC or NERC.

Many of our answers will involve using our software to solve your problem, but we’ll also include other tips and tricks that we think are useful. We’ll approach this by asking, “What questions might you hear during a typical compliance audit, and how can you best (and most easily) answer them?”

So let’s kick off today’s question …

How do I prepare for a compliance audit?

As Benjamin Franklin famously said, “By failing to prepare, you prepare to fail.”

Preparing for a compliance audit should be part of everyone’s ongoing compliance process, not an end in itself. The recently implemented PCI 3.0 mandate describes payment card security as “part of business as usual, rather than a snapshot in time.” This is the right way to view compliance programs, as they can help a business increase its security maturity or prove competency at an existing level.

With that in mind, your audit preparation should have started sometime before the audit – possibly months or even years, depending on the compliance standard you are working on and the complexity of your environment. 

Here are some of our favorite resources for getting a handle on audit preparation:

Surviving a Compliance Audit


Start to End: Keys to an Audit-Driven Corporate Compliance Program


Pre-audit planning: Four Keys to a Successful IT security Audit


10 Steps to Meet Data Compliance Audits


Audit management: Five Strategies to streamline the PCI audit process


PCI DSS Self-Assessment Questionnaire


10 Ways to Fail a PCI Compliance Audit


Tips for Passing a HIPAA Audit


HIPAA Omnibus Audit Preparation


5 Recommendations to Prepare for a HIPAA Audit


Preparing HIPAA Business Associates and Subcontractors for 2014 OCR audits


Passing a SOX Audit: Lessons Learned from an Information Security Professional


5 Ways to Prepare for a SOX Audit


Preparing for an ISO 9001 Certification Audit



Do you have a great resource that we should add to this list? If so, please tell us about it!



Marta Stone


About Accelops

AccelOps provides analytics-driven IT Operations Management for cloud and virtualized infrastructures. The virtual appliance software manages security, network performance and compliance, all on a single screen. AccelOps automatically discovers, analyzes and automates IT issues in machine and big data across organizations’ data centers and cloud resources, spanning servers, storage, networks, security, applications and users.
