2 min read

Industry Group Issues Guide For Change, Patch Management

Report offers best practices and organizational workflow guidance to mitigate risk.

The Institute of Internal Auditors (IIA) has released the second installment of its Global Technology Audit Guides (GTAG), a series of reports that provide chief internal audit executives and their staffs with guidance in specific technology areas.

The new report, titled Change and Patch Management Controls: Critical for Organizational Success, delivers field-tested metrics for quantitatively assessing the strength of change management processes, as well as suggested management guidelines to achieve and sustain higher levels of control and performance.

"Today's internal auditor is facing many challenges in trying to ensure organizations are complying with regulations that help mitigate business risk," said IIA President Dave Richards, in a prepared statement. "The audit community is looking for prescriptive guidance that enables process improvement, while enhancing challenge resolution and compliance attestation."

The Change and Patch Management Controls provides internal auditors quantitative analysis, field-tested metrics, evaluation tools and management guidance to help assess the overall level of process risk associated with change management policies. It provides practitioners with tools that enable process improvement, enhanced challenge resolution, and compliance attestation.

The IT Controls GTAG and Change and Patch Management Controls GTAGare currently available in electronic format at. Hard copies will be available soon for purchase from the IIA Bookstore.