Netwrix lists the most common compliance questions asked by auditors. Around 80% of companies still fail to comply with all the requirements of PCI compliance, according to the 2015 Verizon PCI Compliance Report. A well-structured, clear and viable emergency plan that describes what actions to take in case of a security violation significantly increases a companys chances of passing an external audit. A company should be ready to present reports about its methods of data classification and segregation such as placing data into a 24/7 protected network and prove that its most valuable assets will not be compromised easily.”]
Source: https://informationsecuritybuzz.com/articles/top-5-it-security-audit-questions/

