Kopieren und bearbeiten

Unit 7 : Audits

Beschreibung

Mindmap am Unit 7 : Audits, erstellt von srikumar.cs am 15/04/2013.
srikumar.cs
Mindmap von srikumar.cs, aktualisiert more than 1 year ago
srikumar.cs
Erstellt von srikumar.cs vor mehr als 11 Jahre
66
3
0

Zusammenfassung der Ressource

Unit 7 : Audits
  1. Check of accounts
    1. Efficiency Check
      1. Types of Audit
        1. Internal Audit
          1. External Audit
            1. Independence and Integrity is key
              1. Independence is a regulatory requirement in some cases
              2. Security Audit
              3. Role within security framework
                1. Physical
                  1. Preventative : Locks & Keys, Biometric Sensors, Fire extinguisher, backup power
                    1. Detective : Alarms & Sensors, Smoke and fire detect, motion detectors
                    2. Technical
                      1. Preventative : Firewalls, Antiviruses, Encryption, Access Control
                        1. Detective : Pen Testing, Audit trails, Auto configs, Intrusion detect
                        2. Administrative
                          1. Preventative : Training , Process awareness, security awareness, Disaster recovery
                            1. Detective : Security audit, Security Review, Incident investigations, performance eval
                          2. Security Reviews
                            1. Business Process Reviews

                              Anmerkungen:

                              • 1: Completeness, accuracy and validity of transactions 2: Restricted access to assets and records
                              1. IT Process Reviews

                                Anmerkungen:

                                • 1: Change control over existing environments 2: Development / implementation of new systems 3: Security and operations over environment
                              2. Penetration Testing
                                1. Businesses are increasingly dependent on IT
                                  1. Increased system vulnerabiilties
                                    1. Pen testers need to have high integrity, tech skills
                                      1. Maintain confidentiality of reports
                                      2. Security audit and review
                                        1. Compare against standards, other companies and other divisions
                                          1. Test whether procedures are followed
                                            1. Report findings to the management
                                              1. Benchmarking and baselining
                                              2. Incident Investigation
                                                1. How to respond?????

                                                  Anmerkungen:

                                                  • 1: Put your strategy in place 2: Why are you investigating?  3: Who is investigating?  4: Who needs to know?  5: Whats the end-point
                                                  1. Evidence handling

                                                    Anmerkungen:

                                                    • 1: Audit trails, system logs, phone records, emails & backups 2: Evidence handling and security procedures are essential 3: usually work off a copy rather than the evidence itself
                                                    1. Investigating and analysing
                                                    Zusammenfassung anzeigen Zusammenfassung ausblenden

                                                    Möchten Sie kostenlos Ihre eigenen Mindmaps mit GoConqr erstellen? Mehr erfahren.

                                                    ähnlicher Inhalt

                                                    ABSOLUTISMUS - LUDWIG XIV
                                                    Julian 1108
                                                    Welten im Kalten Krieg
                                                    andri.roth
                                                    Enzyme
                                                    Cornelius Ges
                                                    Financial Accounting
                                                    zok42.com
                                                    PSYCH
                                                    frau planlos
                                                    Englisch Lernwortschatz A1-C1 Teil 1
                                                    Chiara Braun
                                                    Übung Aussprache und Tiere
                                                    Gamze Ü
                                                    Vetie - Biochemie
                                                    Fioras Hu
                                                    HNO Patho
                                                    Sabine Gechter
                                                    Vetie Radio 2014
                                                    S J
                                                    Vetie: Berufrecht Altfragen 2013-2017 Teil 1
                                                    Johanna Tr
                                                    Bibliothek durchsuchen