
Managing security is managing risk. As explained in Chapter 1, Security ensures the confidentiality, integrity, and availability of information assets through the reasonable and appropriate
You close the lid of your laptop; it’s been a productive couple of days. There are a few things that could be tightened up, but
Marc Winner hasn’t come up with a way to precisely measure the return on investment for security training. What he does know for certain, however,
Chapter 1 Security: A working definition Managing Risk Probability of Occurrence Business Impact Threat Sources Human Threats Geographic Threats Natural Threats Technical Threats Security as a
This C&A-related call for help is from Latonya in Washington, DC: Need help! I am desperately searching for an instruction that will exempt a
Table of Contents Trusted Computing Boot Path Security Challenges Boot Path Attack Surface The Trusted Memory Module (TPM) TPM Architecture and Functionality TPM Concepts and
When C&A becomes A&A, will you be ready? Every few months, an elite group of DoD security experts, IT managers, and senior leadership gather to
(ISC)2 is making several changes to the CISSP exam effective January 1st, 2012. This language was found on the ISC2 website; (ISC)² CBK Domain Name
PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA. A
PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA. Infrastructure
Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard. This template (which can be found
PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA. Application
PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA. Shared
PORTIONS OF THIS ARTICLE INCLUDING MANY OF THE DEFINITIONS AND TERMINOLOGY HAVE BEEN SOURCED AND SUMMARIZED FROM ISACA.ORG and COURSE MANUALS PUBLISHED BY ISACA. Internet
Information Technology Basics In its most basic form, information technology (IT) can be reduced to IPO. No, that’s not an Initial Public Offering, but
“IT Governance and Controls” or “IT Monitoring and Assurance Practices for Board and Senior Management” Take your choice of titles of this article, but really
What is a standard? Who defines standards? Where do we as IT auditors come into contact with standards? Which framework should we use to do
Definition of IT audit – An IT audit can be defined as any audit that encompasses review and evaluation of automated information processing systems, related
Introduction to IT Audit Auditing is an evaluation of a person, organization, system, process, enterprise, project or product, performed to ascertain the validity and reliability
So you want to be an IT Auditor… Over the course of the next few weeks, I will be posting some ten articles to help