| |
| Home >
Security > Auditing |
 |
|
|
|
An Information Technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. |
|
| |
 |
Results 1 - 25 of 43 matches |
Sort Results By : Published Date | Title | Company name |
|
|
|
| By : Qualys |
Published Date: Aug 08, 2006 |
|
|
The Marine Corps Community Services (MCCS) manages a global network that serves Marines and their families. MCCS chose a managed service to conduct comprehensive vulnerability assessments and prioritize patches and fixes.
Download Now
|
 |
|
|
|
|
|
|
The PCI DSS is demonstrably becoming a de facto standard of due care for any organization responsible for the privacy and integrity of data. The increased focus on application security in the latest revisions of the PCI DSS can be traced directly to many of the recent high profile breaches, where insecure applications have proved to be the point of access for hackers, and the source of data loss.
Download Now
|
 |
|
|
|
| By : Qualys |
Published Date: Oct 31, 2006 |
|
|
This white paper reviews the basics of PCI, including who must comply, compliance requirements, validation requirements and penalties. It also examines key things to look for when selecting a PCI network testing service and introduces QualysGuard PCI.
Download Now
|
|
|
|
|
| By : Qualys |
Published Date: Aug 08, 2006 |
|
|
Security administrators need to be more proactive about preventing attacks, making vulnerability assessments a crucial tool in their portfolio.
Download Now
|
|
|
|
|
|
|
|
A millisecond of downtime can mean millions of dollars. Maintaining compliance while ensuring your firm has the required speed and uptime can be daunting. Learn what you can do with your email and instant messages to prepare for your next regulatory audit.
Download Now
|
 |
|
|
|
|
|
|
Learn how to meet regulatory requirements for system change and user activity monitoring with NetIQ Change Guardian for Windows, without the need for performance-hindering native auditing.
Download Now
|
 |
|
|
|
|
|
|
Mandatory compliance requirements often vary or conflict. Discover the major issues and appropriate actions organizations must take today to protect the privacy of information and meet legal and contractual requirements.
Download Now
|
|
|
|
|
| By : Shunra |
Published Date: Mar 18, 2007 |
|
|
Effective IT disaster recovery and business continuity planning is essential for every business. All businesses depend on their IT services for moment-to-moment operations. It is vital to ensure that those services are not disrupted due to any disaster. Pre-test your plans in a simulated network.
Download Now
|
 |
|
|
|
|
|
|
Learn how delegating administrative privileges can aid in improving administrative productivity, system availability and security, while satisfying the demands of auditors. Read this new white paper from NetIQ today.
Download Now
|
|
|
|
|
|
|
|
In lieu of Sarbanes-Oxley, HIPAA, and other regulations, one of the main concerns in the IT industry today is security. In this white paper, we take a deeper look at the security concerns, the available solutions, their drawbacks, and a new complementary way of addressing today's security issues.
Download Now
|
 |
|
|
|
| By : Tripwire |
Published Date: Mar 28, 2008 |
|
|
Tripwire founder/CTO Gene Kim provides seven practical steps that IT organizations can take to mitigate the unique security challenges of virtualization. While some are directed specifically at virtualized environments, many of these steps are solid best practices that apply to both physical and virtualized environments.
Download Now
|
 |
|
|
|
|
|
| By : CA |
Published Date: Sep 13, 2007 |
|
|
Your organization relies on servers to store and access to your most critical information resources. CA Access Control is a product that centralizes control and distributed enforcement of appropriate role-based access to sensitive server resources.
Download Now
|
 |
|
|
|
|
|
|
|
|
Identifying critical change control failure points in your infrastructure can help reduce the threat of costly downtime, potential security breaches, and compliance weaknesses. Read this paper for guidelines on how to identify and categorize systems that have characteristics which heighten risk.
Download Now
|
 |
|
|
|
|
|
|
This paper lays out the challenges with complying with SOX and suggests a radical solution: build a self-service, automated IT control framework in which all the information required to verify compliance is available in a single reporting system.
Download Now
|
|
|
|
|
| By : Tripwire |
Published Date: Jan 26, 2007 |
|
|
This paper covers the implementation, disclosure and ongoing evaluation of internal controls for SOX compliance with a focus on the role of IT, as well as the penalties for non-compliance.
Download Now
|
|
|
|
|
|
|
|
For over a decade now, RADIUS servers have been a mainstay of dial-up and VPN access control. The rather inconspicuous RADIUS server, perhaps better known as that beige, general-purpose PC collecting dust in the corner of your data center, has proved sufficient for performing basic duties like validating passwords and granting network access.
Download Now
|
 |
|
|
|
| By : Cenzic |
Published Date: Nov 30, 2005 |
|
|
With web applications constantly evolving, finding vulnerabilities is a challenging, costly and time-consuming undertaking. Find out how Cenzic's powerful security solutions help information security teams quickly identify problems, regularly assess web application security strength and ensure regulatory compliance.
Download Now
|
 |
|
|
|
| By : Borland |
Published Date: Oct 02, 2006 |
|
|
In this white paper, you'll learn how to clearly define business requirements, align them with testing, and evolve development processes to prevent defects.
Download Now
|
 |
|
|
|
|
|
|
New report issued by Fortrex, Emagined Security and Solidcore reveals the cost of PCI compliance is justified. These PCI requirements exist to protect sensitive data - yet, research indicates that these are among the least satisfied requirements across Level 1 merchants, with almost 40% non-compliance.
Download Now
|
|
|
|
|
|
|
|
Learn about the Sarbanes-Oxley regulatory background and its impact on IT departments. This document provides information pertaining to access issues, change documentation, disaster recovery planning and illustrations of key audit-ready reports.
Download Now
|
 |
|
|
|
|
|
|
This IT audit checklist guide includes advice on assessing the effectiveness of change management in a variety of areas. As companies grow more dependent on interdependent IT systems, the risks associated with untested changes in development and production environments have increased proportionately.
Download Now
|
|
|
|
|
|
|
|
Risk assessment is the cornerstone of security. The risk assessment process includes gathering information about the assets of the organizations, including all information assets, and all physical assets.
Download Now
|
 |
|
|
|
| By : Cenzic |
Published Date: Jul 01, 2006 |
|
|
Enterprises need to utilize software testing that can automatically review applications for security problems. This document examines the market drivers and technology associated with software security code review products and discusses how Cenzic is addressing this urgent need.
Download Now
|
|
|
|
|
|
Sort Results By : Published Date | Title | Company name |
Learn about lead generation opportunities and list your white papers
