Security Audit

MUST READ Best practices for choosing an outside IT auditor TIP - Learn six points for choosing the right outside auditor. The future role of the CISO: Keeping auditors at bay TIP - CISOs have little discretionary budget or time to make any improvements that are not directly related to HIPAA or SOX compliance. For some, this is a benefit. Cheat sheet: 10 ways to prep for auditors ARTICLE - There are 10 ways to prepare for those auditors knocking at your door -- and avoid wasting time and money.

EXPERT TECHNICAL ADVICE: 1 - 3 of 21

SECURITY AUDIT EXPERTS
			Mike Rothman President and Principal Analyst ASK A QUESTION

	Filtering log data: Looking for the needle in the haystack Submitted By: SearchSecurity.com | 24 Oct 2007 TIP - In this illustrated tip, network security expert David Strom demonstrates how to use a log-filtering tool to quickly make use of all those voluminous log files.

	Preparing for a network security audit starts with monitoring and remediation 23 Oct 2007 TIP - Mike Chapple explains how a detailed network security change-management and remediation process can make audit preparation much easier.

	Dissecting compliance workflow processes Submitted By: SearchSecurity.com | 24 Sep 2007 TIP - Special guest Compliance School instructor Tom Bowers explains why a compliance workflow model makes sense and how it makes auditors happy.

	VIEW ALL EXPERT TECHNICAL ADVICE ON SECURITY AUDIT

NEWS: 1 - 3 of 23

	Hannaford breach illustrates dangerous compliance mentality SearchSecurity.com | 04.02.2008 OPINION - As Executive Editor Dennis Fisher explains, the Hannaford supermarket breach illustrates how too much emphasis on compliance puts critical data at risk.

	Data breach costs soar SearchSecurity.com | 29 Nov 2007 ARTICLE - A Ponemon Institute study indicates the costs associated with data breaches have soared and will continue to skyrocket unless companies do more to prevent them in the first place.

	IBM to boost security spending, push PCI DSS program SearchSecurity.com | 01 Nov 2007 ARTICLE - IBM plans to invest $1.5 billion on security research in 2008. The company is also using recent acquisitions to introduce a PCI DSS program.

	VIEW ALL NEWS ON SECURITY AUDIT

REFERENCE & LEARNING: 1 - 3 of 10

	Strategies for success -- PCI DSS Requirement 1: Install and maintain a firewall configuration to protect cardholder data SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. Craig Norris explains the extra work that needs to be done.

	Strategies for success -- PCI DSS Requirement 10: Track and monitor all access to network resources and cardholder data SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Many organizations must manually track each system's log files to comply with PCI DSS. In this guide, Craig Norris explains how to pass PCI's troublesome tenth requirement.

	Strategies for success -- PCI DSS Requirement 11: Regularly test security systems and processes SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Craig Norris explains why internal and external network scans are necessary to pass a PCI compliance audit.

	VIEW ALL REFERENCE & LEARNING ON SECURITY AUDIT

WEBCASTS: 1 - 1 of 1

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 1, Security management practices - Expert Webcast VIEW WEBCAST PREMIERED:   14 OCT 2004, 09:00 EDT (13:00, GMT) SUMMARY:   While viruses, worms and hacking grab all the news headlines, sound security management practices are the foundation of any organization's security success.

	VIEW ALL WEBCASTS ON SECURITY AUDIT

	SEE ALSO - Topics Related to Security Audit:  PCI Data Security Standard, FFIEC, Gramm-Leach-Bliley Act (GLBA), HIPAA, Sarbanes-Oxley Act, Data Security Breach Laws and Notification, Data Privacy, FISMA