Audit
With resources and budget committed, perform a detailed audit of controls in place and determine a plan for gaps and deficiencies.
The audit phase includes the following key elements:
Review all processes, controls, and policies to determine how well they support the necessary compliance requirements.
Document deficiencies between existing controls and their desired state.
Use risks assessments of the deficiencies to prioritize control changes to achieve compliance and improve business performance.
Manage stakeholder expectations with timely and accurate reporting of all findings and recommendations.
Monitor and adjust plans as needed to meet the project goals.
