As security becomes more and more important each day, there is a need for the IT community to understand the differences between auditors and administrators. The reason we need to keep these different job roles separate is that they are completely different.
Auditors
Auditors have two primary functions. First, auditors are responsible for ensuring the company meets all required compliance regulations. Whether HIPAA, PCI, SOX, or otherwise, auditors have a responsibility to know the compliance regulations and ensure that the company meets them. When the external auditor comes into the organization, all security, procedures, and other regulatory compliance issues need to be correct to meet compliance.
The second function of auditors is to ensure that security for the organization is correct. These may or may not match the compliance regulations. Auditors must ensure that the security for all systems is correct: windows, Unix, AS400, SQL, Cisco, and more.
Administrators
Administrators have one primary function. The primary function for administrators is to ensure that all systems are functional for employees to perform their job tasks. Administrators must work with the variety of operating systems to ensure compatibility and communication. One small patch could destroy a computer’s ability to function and communicate.
Read the entire article here,Auditors vs. admins
via the fine folks at ManageEngine
