Who would perform a structured audit?
A: Senior management.
B: IT security staff.
C: External auditors.
D: Internal auditors.
CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests
C: Structured audits (3rd party): External auditors there to validate compliance, they are experts and the audit adds credibility. Can also be a knowledge transfer for the organization, required annually in many organizations.
IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.