For this discussion, please discuss this topic: The relationship between information systems auditing and information security.

For this topic, summarized what you believe this topic is about (1 Paragraph), as well as why it is important (Another Paragraph). Then, pick an organization you are familiar with (school, company you work for, company you want to work for, place you regularly go to, etc.), and talk about how you think they utilize or adhere to the topic you picked (The Final Paragraph).

Please make sure your submission is sufficient enough to show to your instructor that you understand the topic you chose, you realize its importance, and you are able to apply the topic to a real world situation. 

 

Information system’s auditing is an independent review of a company’s records, activities (including financial ones), and any other related documents and files. It is usually carried out by a third party company to avoid any internal bias. Information security, on the other hand, protects any sort of unauthorized access, use, or disclosure of one individual/company’s information. Such practices ensure internal quality of one company – by analyzing all its records – at the same time it protects costumer’s personal information.

These practices ensure that neither consumer or company’s personal/internal information is violated and released. Many companies today, including health care companies and hospitals, hold very sensible information about costumers as they, simultaneously, demand that their financial and legal infrastructure are working properly in order to provide service of quality. Both information system’s auditing and information security policies walk alongside to certify that the company is ran as it is supposed to run and that costumer information is protected legally. 

            In the future, I would like to work for Inova Hospital.  Inova, just like any hospital, deals with a great amount of sensible information from patients that are summarized in individualized medical records. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects patient’s data. HIPPA requires that healthcare organizations, including Inova Hospital, exhibit good practice in the administrative field, patient’s physical security, and the overall hospital’s technical security. HIPPA is an example of a law that provides information security, as healthcare professionals that violate this law may be severely sanctioned. Hospitals must be internally audited constantly by audit trails in order to provide quality service to their customers – which are the local patients.