Can you provide tips on what to look for in an auditing firm?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
Choosing an auditor is a serious commitment on behalf of an organization. You're likely making a long-term decision and choosing a company that will contribute significantly to the success of your business over time. Here are a few tips to help you in that selection process:
- Name recognition matters. There's a reason that the Big Four audit firms (PwC, Deloitte, Ernst & Young and KPMG) have been so successful -- they're the recognized gold standard for auditing. If you select one of these firms, you won't have to explain your choice to anyone. If you choose to go with a less-recognized (and less-expensive) auditor, you run the risk that others will view your audit report with just a bit more skepticism than if it came from one of the Big Four.
- Pricing is negotiable. Like any business service, the fees you pay your auditor are not cast in stone. You should treat it like any other contract and negotiate a fee that is fair and reasonable to both you and the auditing firm.
- Experience counts. Try to find an audit firm that has specific experience in your industry. There's a reason that most businesses tend to use the same auditor year after year -- it's simply easier (and therefore less expensive) for a firm to audit a company that they already know in an industry that they're familiar with.
- Know who will be working on your account. When you're in the sales stage, expect to have conversations with senior partners in the auditing firm. You can generally expect, however, that these people will quickly disappear when there's work to be done. When interviewing auditors, ask to meet the staff who will actually be working with you and the rest of your staff.
Take the time to select an auditor that not only suits your budget and experience, but also that you'll be comfortable working with for many years to come. After all, it's always more pleasant when you're sitting across the table from people you enjoy.
Dig Deeper on IT Security Audits
Related Q&A from Mike Chapple
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach ...continue reading
The proposed CFTC regulations on cybersecurity testing are set to finalize in 2016. Expert Mike Chapple discusses the effects these regulations have ...continue reading
Whether Apple is a HIPAA covered entity was called into question when it advertised for a health regulations lawyer. Expert Mike Chapple discusses ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.