IT Security Audits

MUST READ Surviving an audit INFORMATION SECURITY MAGAZINE - A security review doesn't have to be a sink-or-swim proposition.

VIDEO: 1 - 2 of 2

	PCI compliance requirement 11: Testing SearchSecurity.com | 01 Jun 2009 VIDEO - PCI Requirement 11 is a popular one, according to Diana Kelley. Learn why in this instructional video.

	Using IAM tools to improve compliance SearchSecurity.com | 15 May 2009 VIDEO - Provisioning and password management tools can ease complexity, reduce help desk calls and save money. But they also have an added benefit: They can help ease enterprise compliance woes.

	VIEW ALL VIDEO ON IT SECURITY AUDITS

EXPERT TECHNICAL ADVICE: 1 - 3 of 36

IT SECURITY AUDITS EXPERTS
			David Mortman, featured expert ASK A QUESTION

	HIPAA compliance: New regulations change the game 14 Apr 2009 TIP - Recent changes to HIPAA regulations coupled with renewed HIPAA enforcement may stir a panic among enterprise security teams charged with safeguarding PHI.

	Maltego demo: Identifying a website's trust relationships Submitted By: SearchSecurity.com | 30 Mar 2009 TIP - This month, Peter Giannoulis demonstrates Maltego, an information-gathering tool that infosec pros can use to identify trust relationships on the Web.

	Strategies for email archiving and meeting compliance regulations 18 Feb 2009 TIP - Michael Cobb reviews compliance regulations that demand email archiving and how such products can ease some of the pain that comes with the process.

	VIEW ALL EXPERT TECHNICAL ADVICE ON IT SECURITY AUDITS

NEWS: 1 - 3 of 31

	MasterCard increases PCI compliance requirements for some merchants SearchSecurity.com | 29 Jun 2009 ARTICLE - Company now requires merchants that process one million to six million transactions annually to have onsite assessment by a PCI QSA. Visa says it won't follow suit.

	PCI DSS Q&A: Answering your questions SearchSecurity.com | 08 Apr 2009 INTERVIEW - Compliance expert Ed Moyle of CTG addresses scoping and network segmentation. Web application security and networking issues.

	PCI QSA assurance program penalizes assessors SearchSecurity.com | 05 Mar 2009 ARTICLE - Two firms certified to conduct PCI assessments have been placed into the PCI Council's remediation program for violating the QSA Validation Requirements.

	VIEW ALL NEWS ON IT SECURITY AUDITS

REFERENCE & LEARNING: 1 - 3 of 11

	Conclusion: The Risk Mitigation Challenges of the "12 PCI Commandments" SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - In this guide, Craig Norris draws some important PCI compliance conclusions.

	Strategies for success -- PCI DSS Requirement 1: Install and maintain a firewall configuration to protect cardholder data SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. Craig Norris explains the extra work that needs to be done.

	Strategies for success -- PCI DSS Requirement 10: Track and monitor all access to network resources and cardholder data SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Many organizations must manually track each system's log files to comply with PCI DSS. In this guide, Craig Norris explains how to pass PCI's troublesome tenth requirement.

	VIEW ALL REFERENCE & LEARNING ON IT SECURITY AUDITS

MAGAZINE CONTENT (free subscription required): 1 - 3 of 8

	How to write a risk methodology that blends business, security needs Information Security Magazine | 04 Jun 2009 FEATURES - One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.

	Implement security and compliance in a risk management context Information Security Magazine | 10 Jan 2009 FEATURES - CFOs live in a world where risk management is the lingua franca. CISOs have to join the conversation.

	Internal auditors and CISOs mitigate similar risks Information Security Magazine | 10 Jan 2009 FEATURES - Internal audit and information security may often find themselves at odds, but in the end, their respective goals are the same.

	VIEW ALL MAGAZINE CONTENT ON IT SECURITY AUDITS

WEBCASTS: 1 - 3 of 3

5 Steps for SOX Compliance - Expert Webcast VIEW WEBCAST PREMIERED:   26 OCT 2006, 09:00 EDT (13:00, GMT) SUMMARY:   This Podcast offers five easy steps that help your company comply with a SOX audit and improve your overall security posture. Listen to this Podcast and examine where your reporting divisions should beand who you should turn to for help when you are trying to comply with SOX regulations.

	Making effective use of database monitoring/auditing tools for security and compliance - Expert Webcast VIEW WEBCAST PREMIERED:   12 OCT 2006, 12:00 EDT (16:00, GMT) SUMMARY:   This webcast will help you understand how monitoring/auditing tools map to data compliance/security requirements and what to look for to determine which tools will work best for your environment.

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 1, Security management practices - Expert Webcast VIEW WEBCAST PREMIERED:   14 OCT 2004, 09:00 EDT (13:00, GMT) SUMMARY:   While viruses, worms and hacking grab all the news headlines, sound security management practices are the foundation of any organization's security success.

	VIEW ALL WEBCASTS ON IT SECURITY AUDITS

	SEE ALSO - Topics Related to IT Security Audits:  FFIEC Regulations and Guidelines, COBIT, Gramm-Leach-Bliley Act (GLBA), HIPAA, Sarbanes-Oxley Act, FISMA, PCI Data Security Standard, Data Privacy and Protection, ISO 17799