Compliance Audit Tools

Auditors focused on cyber security most often utilize a control oriented approach to assessing an organization. The question is always, which controls should the auditor use as the foundation for the assessment? Often times the scope of an audit will focus on the controls defined by a particular standards body or regulatory group. Assessments based on control standards such as the CIS Controls, the NIST Cybersecurity Framework, PCI DSS, and others are some of the most popular types of audits performed. As a result, at AuditScripts, we have created a series of Microsoft Excel based audit tools that an organization can use to measure their compliance with such a standard and create easy to read dashboards that can be used inside of an audit report. The following audit tools were designed to make it easier for auditors to assess their organization and report potential concerns to leadership.