Time to audit your MDM setup? Here’s how to get it right – Computerworld

As with any audit, standard procedures must be considered. Ideally, these core processes will follow the model of other audit procedures already in place. There will always be some differences – different systems have different functions and require different metrics to be measured. But there needs to be some kind of cohesive thread that runs through how you collect audit data, process it, report your findings, and list corrective steps to take based on the results. An MDM audit will obviously focus on different things than a server or network security audit, but all three should be based on the same basic template.

As you consider the scope of the audit and its processes, write down the specific questions you need to answer and the data you need to respond to. If this is your first MDM audit, brainstorming important areas and reaching out to external resources such as your MDM (and related services) provider can help determine exactly what you need to ask. Be sure to carefully consider each idea to see if it is truly meaningful or simply irrelevant to the mission.

If you have conducted MDM audits in the past, you need to check whether they are collecting relevant information or allowing something to go undetected. And even if past scans have been successful, remember that the mobile and threat landscape is changing rapidly. As such, you will need to consider any major changes (such as the recent rise of generative artificial intelligence) since your last audit and decide whether your previous scope needs to be adjusted.