Unit 7 : Audits

srikumar.cs
Mind Map by srikumar.cs, updated more than 1 year ago
srikumar.cs
Created by srikumar.cs almost 8 years ago
56
3

Description

Mind Map on Unit 7 : Audits, created by srikumar.cs on 04/15/2013.

Resource summary

Unit 7 : Audits
  1. Check of accounts
    1. Efficiency Check
      1. Types of Audit
        1. Internal Audit
          1. External Audit
            1. Independence and Integrity is key
              1. Independence is a regulatory requirement in some cases
              2. Security Audit
              3. Role within security framework
                1. Physical
                  1. Preventative : Locks & Keys, Biometric Sensors, Fire extinguisher, backup power
                    1. Detective : Alarms & Sensors, Smoke and fire detect, motion detectors
                    2. Technical
                      1. Preventative : Firewalls, Antiviruses, Encryption, Access Control
                        1. Detective : Pen Testing, Audit trails, Auto configs, Intrusion detect
                        2. Administrative
                          1. Preventative : Training , Process awareness, security awareness, Disaster recovery
                            1. Detective : Security audit, Security Review, Incident investigations, performance eval
                          2. Security Reviews
                            1. Business Process Reviews

                              Annotations:

                              • 1: Completeness, accuracy and validity of transactions 2: Restricted access to assets and records
                              1. IT Process Reviews

                                Annotations:

                                • 1: Change control over existing environments 2: Development / implementation of new systems 3: Security and operations over environment
                              2. Penetration Testing
                                1. Businesses are increasingly dependent on IT
                                  1. Increased system vulnerabiilties
                                    1. Pen testers need to have high integrity, tech skills
                                      1. Maintain confidentiality of reports
                                      2. Security audit and review
                                        1. Compare against standards, other companies and other divisions
                                          1. Test whether procedures are followed
                                            1. Report findings to the management
                                              1. Benchmarking and baselining
                                              2. Incident Investigation
                                                1. How to respond?????

                                                  Annotations:

                                                  • 1: Put your strategy in place 2: Why are you investigating?  3: Who is investigating?  4: Who needs to know?  5: Whats the end-point
                                                  1. Evidence handling

                                                    Annotations:

                                                    • 1: Audit trails, system logs, phone records, emails & backups 2: Evidence handling and security procedures are essential 3: usually work off a copy rather than the evidence itself
                                                    1. Investigating and analysing
                                                    Show full summary Hide full summary

                                                    Similar

                                                    Vocabulário Inglês Básico
                                                    miminoma
                                                    Bayonet Charge flashcards
                                                    katiehumphrey
                                                    English Poetry Key Words
                                                    Oliviax
                                                    PuKW - STEP 1 (mögliche Prüfungsfragen/Prüfungsvorbereitung)
                                                    Steven Lee
                                                    Using GoConqr to learn German
                                                    Sarah Egan
                                                    2PR101 1.test - Doplňující otázky
                                                    Nikola Truong
                                                    Repaso Revalida PR 2016
                                                    Rodrigo Lopez
                                                    Ingeniería Industrial
                                                    JUAN ADUNA RIVERA
                                                    Criminalistica
                                                    Ayelen Caballero
                                                    EL AMOR
                                                    Justin Sanchez
                                                    TRASTORNO DE LA AFECTIVIDAD
                                                    Valeria Rios