 |
 |
|
IT dollars are tight, but most organizations are still spending on security audits. Amplitude Research surveyed 350 IT executives and network administrators about their security and compliance activities.
|
|
- Approximately 76% of respondents have used third-party experts to audit network security practices. Of these, only 35% conduct these audits every year. Another 27% hire a third party to audit every two years and 14% do so every three years or more.
- The most critical factor behind a third-party audit is demonstrating to business partners that the company had passed a specific audit, with 65% of respondents reporting this as the key audit driver.
- Of those who have paid for third-party audits, 72% reported them a 'worthwile' investment. Around 23% felt neutral about spending dollars on outsourced audits. And 5% felt it wasn't a good investment.
- Of the 25% of organizations who had not conducted formal third-party audits, 47% reported that they didn't need one and 24% said that cost was a barrier.
- Of all of those surveyed, around 67% said they conduct internal security audits at least once a year. Another 17% said they conduct one every two years.
- Just about half of those who do conduct in-house audits said they find significant security problems during the process.
- Approximately 33% said they felt internal audits didn't go far enough, and 43% believe that their organization needs to be audited more often.
|
