Auditors Can Lower Risks

摘要

Compliance expenses aren't optional, but getting more from your compliance investments is a possibility. Some objectives set by auditors can double as practical security investments for the enterprise to substantially reduce risks posed by insider threats, improve operational efficiency and implement security best practices. Regulations require close monitoring and auditing of contractors, IT administrators and other high-risk users. Accounts are often tied to more than one identity, which erodes accountability of network activity and increases risk. Since these groups are by definition less trusted, it makes sense to monitor them even as they access data not protected by compliance.