Q

IT politics: Why IT auditors and Web developers are disconnected

Kevin Beaver explains why IT auditors and Web developers don't understand each other, and why they need to.

What is causing the disconnect between IT auditors and Web development?

Kevin BeaverKevin Beaver

This is an interesting dilemma in the enterprise. There are plenty of disconnects between developers and the rest of the organization -- even those working in IT -- which can be detrimental to the business.

There's often a technical disconnect, whereby IT auditors, especially the less tech-savvy ones, are completely out of the loop on what Web developers do -- and help prevent -- in terms of security. There's often a business disconnect, whereby both parties have different goals. IT auditors' goal might be to have a clean Web security assessment report, while Web development's goal might be to provide the most functional or resilient application environment. Both goals are worthy, but they're often completely separate, which can create a divide between the groups.

There's often a business disconnect, whereby both parties have different goals.

There can also be a political disconnect, which is often the strongest and most divisive kind. It's a situation I've seen, one where everyone is looking after himself, protecting his own job and interests without seeing the bigger picture of what needs to be accomplished for the business.

IT auditors tend to have the ear of management, and Web development is often seen as just another techie function that runs itself with little need for support or resources. As a result, I've seen developers literally beg and plead for better tools (i.e., source code analysis and vulnerability scanners) and more security training, and it continually falls on deaf ears. Auditors, on the other hand, are able to document a problem and present it to management, and the needed support is quickly provided.

I don't think it's a malicious disconnect. No harm is meant. It's just the way auditing and Web development have evolved, likely due to auditing's continuous connection with management and development's isolation. Developers and IT auditors can certainly have either a positive or negative impact on one another. It pays to get to know each other and to learn what's expected of their roles.

This was first published in February 2014

Dig deeper on Software Project Management Process

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.
Related Discussions

Kevin Beaver asks:

How would you define the disconnect between IT auditors and Web developers?

0  Responses So Far

Join the Discussion

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close