Hi, When we audit Information Systems, we are looking at how well they conform to certain standards. The common ones for IT being CoBIT, PCI, NIST,ISOxxx to name a few. Example: NIST SP800-53 R2 CA-2 says independent reviews and assessments should be done regularly. So to audit an organization against this, would be to collect evidence that it conforms to this
With Assessment, we evaluate a systems efficiency and effecttiveness in supporting business objectives. As opposed to audits that should be done by external/neutral parties, these can be done from within, with the view of improving the effeciency and effectiveness of the systems. Offcourse sometimes, the evidence collection stage of an audit, might require an assessment :-) - something which makes understanding the two concepts abit confusing, but I hope I got the point across Regards, On 4/16/12, Victor van Reijswoud <[email protected]> wrote: > Can you explain the difference between an assessment and an audit?? > > V > > > On Mon, Apr 16, 2012 at 2:54 PM, Douglas Onyango <[email protected]> > wrote: >> Brian, >> I would be happy to volunteer some time to this initiative. >> However, I would like for you to confirm that what we want to do is >> actually 'audit' and not 'assess'. >> >> These two are commonly confused and could have a bearing on the >> outcome of this exercise, especially when we are going deep into >> standards like the onse that Moses is pointing to below. >> >> Regards, >> On 16 April 2012 15:45, Moses Billy <[email protected]> wrote: >>> Hi Brian, >>> >>> I would be interested to participate in your project. >>> >>> It would be good to benchmark on frameworks like COBiT, ITIL and ISO >>> 270002:2005 >>> >>> Thanks >>> >>> >>> >>> >>> On Mon, Apr 16, 2012 at 3:33 PM, Brian Ssennoga <[email protected]> >>> wrote: >>>> >>>> LUG, >>>> >>>> I would like to, starting with myself; and my workplace, volunteer (and >>>> thereby source) services, skill and time, from people who would like to >>>> put >>>> their massive experience around ICTs to form a team that is willing to >>>> offer >>>> probono ICT Audit services, as a way for the ICT community to develop >>>> each >>>> other. >>>> >>>> Whereas i know this is probably someone's bread and butter, I can only >>>> look at the LUG to find persons who i know will willingly and happily >>>> give >>>> of 2 half-day saturdays, to work together to help me review the ICT >>>> structure, functions and systems here at IHSU. >>>> >>>> Ideally, those people would have shared experiences spread among ICT >>>> functions, vital for a University such as Wireless Systems, >>>> Websites/Intranets, Server Administration, Networking and >>>> Administration. >>>> >>>> I would like to do a strategic planning for IHSU's next few years, and a >>>> comprehensive ICT Audit would go a long way in providing rich input for >>>> a >>>> document and plan of this nature. For that, i need Alex Kisakye to lead >>>> a >>>> volunteered team. >>>> >>>> What do you think? >>>> >>>> Off my head, this team, could then use this experience to 'audit' other >>>> Universities (if willing) and/or companies that are heavily (or greatly >>>> intent on) using Free and Open Source Software. >>>> >>>> Hoping to appeal to the community that the LUG is. >>>> >>>> -- >>>> Love indeed conquers all..... >>>> Brian A. Ssennoga >>>> >>>> _______________________________________________ >>>> The Uganda Linux User Group: http://linux.or.ug >>>> >>>> Send messages to this mailing list by addressing e-mails to: >>>> [email protected] >>>> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>>> To unsubscribe: http://kym.net/mailman/options/lug >>>> >>>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>>> http://www.infocom.co.ug/ >>>> >>>> The above comments and data are owned by whoever posted them (including >>>> attachments if any). The mailing list host is not responsible for them >>>> in >>>> any way. >>> >>> >>> >>> >>> -- >>> >>> No Life ever grows great until it is focused, dedicated, and desciplined. >>> - >>> Henry Ermerson Fosdick >>> >>> >>> >>> _______________________________________________ >>> The Uganda Linux User Group: http://linux.or.ug >>> >>> Send messages to this mailing list by addressing e-mails to: >>> [email protected] >>> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> http://www.infocom.co.ug/ >>> >>> The above comments and data are owned by whoever posted them (including >>> attachments if any). The mailing list host is not responsible for them in >>> any way. >> >> >> >> -- >> Douglas Onyango | +256(0712)981329 | Twitter: @ondouglas >> Life is the educator's practical joke in which you spend the first >> half learning, and the second half learning that everything you >> learned in the first was a joke. >> _______________________________________________ >> The Uganda Linux User Group: http://linux.or.ug >> >> Send messages to this mailing list by addressing e-mails to: >> [email protected] >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> To unsubscribe: http://kym.net/mailman/options/lug >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> http://www.infocom.co.ug/ >> >> The above comments and data are owned by whoever posted them (including >> attachments if any). The mailing list host is not responsible for them in >> any way. > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. > -- Douglas Onyango | +256(0712)981329 | Twitter: @ondouglas Life is the educator's practical joke in which you spend the first half learning, and the second half learning that everything you learned in the first was a joke. _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
