COVID-19 update: BCS Publishing is open for business – Some orders may take longer than stated to arrive.

Information Security Auditor

Careers in information security

By (author) Wendy Goucher

Publication date: 03 Mar 2016

The role of an information security (or assurance) auditor is vital for identifying security gaps in an organisation's information systems. This practical book gives an excellent introduction to the role, covering areas such as purpose, required skills, responsibilities, interface and career progression as well as tools, standards and frameworks related to the role. It gives practical guidance to those new to the role or interested in developing a better understanding of what it entails.
Wendy Goucher is a senior security consultant. Most of her work is focused on working with organisations to devise policy and procedures that are both compliant with external rules and operationally effective. This can be an interesting balancing act for which her first degree in psychology is useful.

Dimensions: 198x129mm

Print ISBN-13: 9781780172163

Ebook ISBN-13: 9781780172187

166 pages

Imprint: BCS, The Chartered Institute for IT


1. Introduction 

2. Overview of the field               

3. The Role of Information Assurance Auditor    

4 Building a Model Information Assurance Auditor          

5. Interface and dependencies

6. Tools, methods and techniques           

7. Career progression and related roles

8. Case study ‘A day in the life of an auditor’      

9. And so

'A refreshingly good book - easy to read with excellent guidance for both budding auditors and auditees. Wendy’s outline of a model Information Security Auditor outlines both the technical and personal skills required to succeed and it is her attention to the personal skill sets that is unique in this book.' Vernon Poole, CISM, CGEIT & CRISC - Head of Business Consultancy, Sapphire

'I believe that the book could be a useful little primer for a very important position within the IT Security field.'

Anthony Sutcliffe