Features
Features
IT security audits and audit frameworks
-
One security framework may be key to cyber effectiveness
The Mitre ATT&CK security framework could best enable effective cybersecurity, according to The Chertoff Group, as could joining information sharing and analysis organizations. Continue Reading
-
CISA exam preparation requires learning ethics, standards, new vocab
The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary. Continue Reading
-
How to identify and evaluate cybersecurity frameworks
Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one. Continue Reading
-
Electronic voting systems in the U.S. need post-election audits
Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems? Continue Reading
-
Cloud Compliance: Tackling Compliance in the Cloud
Moving to a cloud environment brings compliance challenges, but they’re not insurmountable. Continue Reading
-
GRC Management and Critical Infrastructure Protection
GRC needs to adapt to become a truly effective risk management tool for critical infrastructure. Continue Reading
-
Preparing for auditors: Checklists for before, during and after an IT audit
Prepare for your next IT audit with these handy checklists. Continue Reading
-
Step 4: Detailed objectives and policies
-
Audit failure: How one lab raised IT security awareness and its audit grade
Learn how Argonne National Lab raised IT security awareness and its audit grade from 'F' to 'A'. Continue Reading
-
Ensure audit success with sound security audit procedures
A security review doesn't have to be a sink-or-swim proposition. Continue Reading
-
Security audit tools: Vendors every auditor should use
Sidebar: An auditor should be familiar with a variety of tools and utilities, not just a single packaged scanner. They include utilities and power tools, both open source and commercial. Continue Reading
-
IT security auditing: Best practices for conducting audits
Even if you hate security audits, it's in your best interest to make sure they're done right. Continue Reading