Features

Features

IT security audits and audit frameworks

• One security framework may be key to cyber effectiveness

  The Mitre ATT&CK security framework could best enable effective cybersecurity, according to The Chertoff Group, as could joining information sharing and analysis organizations.  Continue Reading

• CISA exam preparation requires learning ethics, standards, new vocab

  The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary.  Continue Reading

• How to identify and evaluate cybersecurity frameworks

  Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.  Continue Reading

• Electronic voting systems in the U.S. need post-election audits

  Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems?  Continue Reading

• Cloud Compliance: Tackling Compliance in the Cloud

  Moving to a cloud environment brings compliance challenges, but they’re not insurmountable.  Continue Reading

• GRC Management and Critical Infrastructure Protection

  GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.  Continue Reading

• Preparing for auditors: Checklists for before, during and after an IT audit

  Prepare for your next IT audit with these handy checklists.  Continue Reading

• Step 4: Detailed objectives and policies

   Continue Reading

• Audit failure: How one lab raised IT security awareness and its audit grade

  Learn how Argonne National Lab raised IT security awareness and its audit grade from 'F' to 'A'.  Continue Reading

• Ensure audit success with sound security audit procedures

  A security review doesn't have to be a sink-or-swim proposition.  Continue Reading

• Security audit tools: Vendors every auditor should use

  Sidebar: An auditor should be familiar with a variety of tools and utilities, not just a single packaged scanner. They include utilities and power tools, both open source and commercial.  Continue Reading

• IT security auditing: Best practices for conducting audits

  Even if you hate security audits, it's in your best interest to make sure they're done right.  Continue Reading