COMPUTER INFORMATION SECURITY AUDIT: PROCEDURES FOR POLICY DESIGN AND IMPLEMENTATION.

“Audit” is a word which generally sends shivers down the spine of even the most hardened chief executive. Most audits that we know today cover mainly financial affairs and physical security matters giving rise to financial audits and physical security audits respectively. These audits are often conducted by financial auditors. Information security audits on the other hand is concerned with the confidentiality, availability and integrity of an organization’s computer information network. Relevant secondary data were obtained from existing literature to expound this new but pertinent audit exercise. The paper has also recommended it to all organizations that are Information Communication Technology (ICT) driven.