Enterprise Security: A practitioner’s guide – Chapter 1
Chapter 1Security: A working definition
Managing Risk
Probability of Occurrence
Business Impact
Threat Sources
Human Threats
Geographic Threats
Natural...
Management, compliance & auditing
UEFI and the TPM: Building a foundation for platform trust
Table of Contents
Trusted Computing
Boot Path Security Challenges
Boot Path Attack Surface
The Trusted Memory Module (TPM)
TPM Architecture...
Goodbye DIACAP, Hello DIARMF
When C&A becomes A&A, will you be ready?
Every few months, an elite group of DoD security experts, IT managers, and senior leadership gather to chart...
ISO27002 Security Framework – Audit Program Template
Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard. This template, which can be...
IT Auditing and Controls – Information Technology Basics
Information Technology Basics
In its most basic form, information technology (IT), can be reduced down to IPO. No that’s not an Initial Public Offering,...
IT auditing and controls – IT governance and controls
“IT Governance and Controls” or “IT Monitoring and Assurance Practices for Board and Senior Management”
Take your choice of titles of this article,...
IT auditing and controls – An introduction
Auditing is an evaluation of a person, organization, system, process, enterprise, project or product, performed to ascertain the validity and reliability of...
IT auditing and controls – An overview
So you want to be an IT Auditor…..
Over the course of the next few weeks, I will be posting some ten articles to help you understand what it takes to move...