About WVOT IT Internal Audit
The West Virginia Office of Technology (WVOT) Office of Information Security and Controls (OISC) is responsible for establishing, maintaining, and managing an objective and internally independent internal Information Security Audit Program.
This program serves the Executive Branch by examining, evaluating, and reporting on information technology (IT) applications, systems, operations, processes, and practices to provide reasonable assurance that security controls will:
- Safeguard information assets and protect privacy;
- Preserve the integrity and reliability of data;
- Function as intended to achieve the entity’s objectives; and
- Comply with standards, policies, and regulations.
Audit efforts are focused on those operational areas presenting the highest degree of risk, as well as the greatest potential for benefit to the Executive Branch.
Internal Audit recommendations are designed to help Executive Branch agencies manage operations more efficiently, resulting in a more effective use of resources.
The WVOT Internal Audit Program follows the Professional Standards of the Practice of Internal Auditing as issued by the Information Systems Audit and Control Association (ISACA), the Institute of Internal Auditors (IIA), and the International Information Systems Security Certification Consortium (ISC²) Additionally, the WVOT Audit Program adheres to information security standards as published by the Information Standards Organization (ISO).
The WVOT Internal Audit Program reports functionally and administratively to the Chief Information Security Officer (CISO).