IT Security Audits News
June 10, 2016
Mozilla created the Secure Open Source Fund to help developers perform security audits on software in an effort to reduce the potential of another Heartbleed or Shellshock.
January 27, 2016
Congressional oversight committee wants to know which U.S. government agencies used firewalls that may have been affected by the recently uncovered Juniper backdoor vulnerability.
September 18, 2015
An internal audit of the U.S. Department of Homeland Security has been completed, detailing areas where its cyber mission has failed and what plans are in place to make improvements.
August 12, 2014
Discussing the state of PCI DSS compliance, Gartner's Avivah Litan says the industry still struggles with PCI auditors who both identify PCI problems and sell remediation services to fix them, causing a conflict of interest.
IT Security Audits Get Started
Bring yourself up to speed with our introductory content
Security gap analysis is a strong, reliable technique for enterprises looking to assure HIPAA compliance. Expert Mike Chapple explains how to perform the analysis. Continue Reading
Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance. Continue Reading
The long-awaited HIPAA audits conducted randomly by HHS are finally supposed to happen in 2015, but with stricter requirements. Here's how organizations can get ready. Continue Reading
Evaluate IT Security Audits Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Gartner analyst Avivah Litan discusses how Gartner clients are reacting to the changes in PCI DSS 3.0, and whether the increased rigor in the standard will prove beneficial to enterprises. Continue Reading
A veteran QSA believes PCI DSS 3.0 will help both QSAs and enterprises, but says further clarifications are needed to avoid PCI assessment disputes. Continue Reading
Peter G. Neumann shares his thoughts on the inherent complexity of trustworthiness and the evolutionary promise of clean-slate architectures. Continue Reading
Manage IT Security Audits
Learn to apply best practices and optimize your operations.
Dealing with external security auditors can make IT professionals uncomfortable. Here are some ways to handle and make the most of the audit process. Continue Reading
Learn about a potential audit concern when transitioning from a traditional firewall to a next-generation firewall. Continue Reading
Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden. Continue Reading
Problem Solve IT Security Audits Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The annual FISMA audit is designed to ensure companies need to have consistent security standards. Here's how to prepare for the audits. Continue Reading
One QSA offers pre-audit planning advice to ensure a smooth, successful enterprise IT security audit for both the organization and the auditor. Continue Reading
There are several risks involved when using end-of-life software, including the possibility of compliance violations. Expert Mike Chapple explains. Continue Reading