I work in a Bank. In my organization there are a unit that it’s responsable of both, data security and it audit. I have read some articles that identify the functions of each of them, but I hadn?t found anyone that analyze both in the same unit in the organization, with different staffs. Then, my question is:
Is convenient that IT audit and IT security be in the same unit ? What is the best practice ?
Thank you very much for your time and response.
Best regards