Introduction to Information Security


• Provide audit recommendations for both corrective actions and improvement to controls



Download 1,39 Mb.
bet32/44
Sana01.04.2022
Hajmi1,39 Mb.
#522548
1   ...   28   29   30   31   32   33   34   35   ...   44
Bog'liq
CSS

• Provide audit recommendations for both corrective actions and improvement to controls.

Steps of An IT Audit

  • 1. Planning Phase
  • 2. Testing Phase
  • 3. Reporting Phase

Planning Phase

Defining the Scope of Your Audit

  • Security Parameter
    • The security perimeter is both a conceptual and physical boundary within which your security audit will focus, and outside of which your audit will ignore.

Testing Phase

  • Meet With Site Managers

Procedures for Testing and Evaluating IT Controls

  • Use of generalized audit software to survey the contents of data files
  • Use of specialized software to assess the contents of operating system parameter files
  • Flow-charting techniques for documenting automated applications and business process
  • Use of audit reports available in operation systems
  • Documentation review
  • Observation

Reporting Phase

  • Exit Meeting - Short Report
    • Immediate problems
    • Questions & answer for site managers
    • Preliminary findings
    • IS auditors should be aware that, ultimately, they are responsible to senior management and the audit committee of the board of directors. IS auditors should feel free to communicate issues or concerns to such management.

Reporting Phase (cont.)

Audit report structure and contents

Computer Systems Security


Communication threats, email protection

Download 1,39 Mb.

Do'stlaringiz bilan baham:
1   ...   28   29   30   31   32   33   34   35   ...   44




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish