The Audit Quality Episode
Transcript
-
Introduction to the Guest and Topic:
Host Allie Kings welcomes Joseph Kirkpatrick, founder of KirkpatrickPrice, to discuss the importance of quality audits in cybersecurity and compliance. Joseph shares his perspective on why audits should be thorough and meaningful, emphasizing that in a world of increasing cyber threats, quality audits are essential to ensure organizations meet standards and protect their environments.
-
Why Quality Audits Matter?:
Audits are often perceived as stressful or routine, but Joseph argues that they should be educational and impactful. He compares the stereotype of auditors to that of dentists or plumbers and explains how Kirkpatrick Price aims to break that stereotype by making audits beneficial and insightful.
-
What is Quality Testing?:
Quality testing begins with aligning the auditor’s expertise with the client’s environment. For example, an auditor proficient in AWS should not audit a non-AWS environment. A quality audit also requires a well-defined plan and a clear understanding of what is being tested and why. - Example of a Quality Finding:
Joseph shares a story where an auditor discovered vulnerabilities in Kubernetes containers despite the client claiming they used a standard image. The auditor went beyond surface-level checks and found that engineering changes had introduced outdated images, revealing hundreds of vulnerabilities that would have otherwise gone unnoticed. -
Culture and Mindset for Quality Audits:
Quality audits require both the auditor and the client to be aligned in their goals. Clients must be open to learning and improvement. Joseph recalls a CIO who appreciated being challenged during the audit, viewing it as an opportunity for growth rather than a burden.
-
Finding Quality Auditors:
KirkpatrickPrice hires professionals who have real-world experience – former IT directors, CISOs, compliance officers—rather than just academic credentials. They also look for lifelong learners who actively pursue certifications and training, ensuring auditors are both knowledgeable and curious.
- The Story That Changed Everything:
Joseph recounts a pivotal moment early in his career when a client’s dedication to the audit process—and her son’s interest in her success—made him realize the deeper impact of audits. This experience led him to commit to conducting only quality audits, emphasizing that the work auditors do affects real people and real businesses.
- How Clients Can Ensure They Receive a Quality Audit:
- Read the Report: Clients should thoroughly review audit reports to ensure accuracy and relevance.
- Empower Internal Teams: Qualified internal staff should oversee the audit process and challenge auditors when necessary.
- Seek External Advice: If internal expertise is lacking, clients should consult external professionals to validate the audit’s quality.
Notes
- Show notes: The Audit Quality Episode
KirkpatrickPrice is on a mission to help 10,000 people elevate the standards for cybersecurity and compliance. In this episode, founder and President Joseph Kirkpatrick shares the why behind the mission of delivering quality audits and what sets KirkpatrickPrice apart. Join Our Cybersecurity Mission: https://www.linkedin.com/showcase/our-cybersecurity-mission
We believe if you are going to do an audit, it should be worth it. At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve. Ready to learn about how we can help your business to meet your challenging security and compliance goals? Connect with an expert.
Send a Question
Do you have a question for our podcast? Send it to us here.
