April 15, 2003 — CIO —
This would keep you up at night:
You’re the CIO of a credit union, and on Friday night you get an e-mail from a customer suggesting that you check your company’s electronic banking site. You open a browser and discover, plastered across the homepage in gigantic crimson letters, a very famous four-letter word. You’ve been hacked! You quickly phone your website outsourcer, only to discover that everyone has left for a long weekend. Meanwhile, your browser is emitting more "You’ve Got Mail" chirps, letting you know that your new corporate message is not going unnoticed.
Sound bad? It gets worse. During the inevitable meeting with top management to explain how this happened, you discover that your external auditors, the bean counters you’ve ignored for the past six months, have just reminded the board of directors that this never would have happened if you had listened to their advice about systems security. So now this act of website vandalism makes it appear to your CEO that the accountants can do your job better than you.
Fortunately, the CIO who suffered through that scenario did hang on to his job. (Find out how later in the article.) But the lesson is clear: In the wake of business scandals and ongoing pressure to contain corporate costs, the accountants are coming, and they’re gunning for the IT group. Both internal auditors and outside certified public accountants are focusing on IT processes like IT security, not just the results of individual IT projects. In some cases, they are bringing technical experts with them.
Adding to a sense of urgency, regulators are getting involved on both sides of the CIO-auditor relationship. The audited results of some corporations are finding their way to CIOs’ desks: Some companies are asking their CIOs to sign off on their financial statements to comply with the Sarbanes-Oxley Act, which seeks to ensure the accuracy of financial statements. And under the same law, the Securities and Exchange Commission in January mandated that accounting firms must retain for seven years records (including electronic records) relevant to audits they perform.
For a CIO, it all adds up: Prepare to answer more questions, in more detail, than ever before.
But while this increased scrutiny takes up important staff time and represents a challenge to the CIO, it’s also an opportunity. CIOs can use auditors’ analyses to improve their processes, to assess and manage risks, and to identify problem areas. Here are nine strategies for surviving the auditing process with the auditors working with you, not against you.