Features

Features

IT security audits and audit frameworks

• How to identify and evaluate cybersecurity frameworks

  Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.  Continue Reading

• Electronic voting systems in the U.S. need post-election audits

  Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems?  Continue Reading

• Editor’s desk: A chat with Peter G. Neumann

  Peter G. Neumann shares his thoughts on the inherent complexity of trustworthiness and the evolutionary promise of clean-slate architectures.  Continue Reading

• Cloud Compliance: Tackling Compliance in the Cloud

  Moving to a cloud environment brings compliance challenges, but they’re not insurmountable.  Continue Reading

• GRC Management and Critical Infrastructure Protection

  GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.  Continue Reading

• Preparing for auditors: Checklists for before, during and after an IT audit

  Prepare for your next IT audit with these handy checklists.  Continue Reading

• PING with Tony Spurlin

  Tony Spurlin, Home Depot's Information Risk manager, discusses his homegrown assessment framework and evaluation processes for potential partners.  Continue Reading

• Step 4: Detailed objectives and policies

   Continue Reading

• Multi-dimensional enterprise-wide security: Audit and validation

  Learn how to protect information assets and resources within all areas of the enterprise and in compliance with all regulatory, policy and contractual requirements.  Continue Reading

• Ensure that legal responsibilities are clear -- Especially when trouble strikes

  Excerpt from Chapter 15 of Information Nation Warrior: Information Management Compliance Boot Camp.  Continue Reading

• Audit failure: How one lab raised IT security awareness and its audit grade

  Learn how Argonne National Lab raised IT security awareness and its audit grade from 'F' to 'A'.  Continue Reading

• Ensure audit success with sound security audit procedures

  A security review doesn't have to be a sink-or-swim proposition.  Continue Reading

• Security audit tools: Vendors every auditor should use

  Sidebar: An auditor should be familiar with a variety of tools and utilities, not just a single packaged scanner. They include utilities and power tools, both open source and commercial.  Continue Reading

• IT security auditing: Best practices for conducting audits

  Even if you hate security audits, it's in your best interest to make sure they're done right.  Continue Reading