IT security audits and audit frameworks
Be prepared for your next IT security audit. Check out our resources on audit planning, tools, reports, mistakes, procedures, management standards, and how to work with auditors and audit validation.
New & Notable
IT security audits and audit frameworks News
-
November 19, 2019
19
Nov'19
CrowdStrike: Incident response times still too long
A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident.
-
December 20, 2018
20
Dec'18
Twitter bugs expose user data and direct messages
Two Twitter bugs led to questions about the platform's user privacy and security, while the company said one of the bugs opened the door to possible state-sponsored attacks.
-
December 11, 2018
11
Dec'18
Second Google+ data exposure leads to earlier service shutdown
Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.
-
October 11, 2018
11
Oct'18
U.S. weapon systems cybersecurity failing, GAO report says
A U.S. Government Accountability Office report gave failing grades to military weapon systems cybersecurity, but some experts say the report should be a source of encouragement.
IT security audits and audit frameworks Get Started
Bring yourself up to speed with our introductory content
-
CISA exam preparation requires learning ethics, standards, new vocab
The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary. Continue Reading
-
CISA practice questions to prep for the exam
Ready to take the Certified Information Systems Auditor exam? Use these CISA practice questions to test your knowledge of the audit process job practice domain. Continue Reading
-
COBIT
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices. Continue Reading
Evaluate IT security audits and audit frameworks Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
How to use the Mitre ATT&CK framework for cloud security
Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading
-
Security automation tools and analytics reshape SecOps efforts
To transition from being reactive to proactive in terms of cybersecurity threats, check out how SecOps teams can use security analytics and automation tools to make the change. Continue Reading
-
How to identify and evaluate cybersecurity frameworks
Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one. Continue Reading
Manage IT security audits and audit frameworks
Learn to apply best practices and optimize your operations.
-
How IAM systems support compliance
IAM is a key component of any security strategy, but its role in regulatory compliance is just as crucial. Read up on features and processes to make IAM work for your enterprise. Continue Reading
-
One security framework may be key to cyber effectiveness
The Mitre ATT&CK security framework could best enable effective cybersecurity, according to The Chertoff Group, as could joining information sharing and analysis organizations. Continue Reading
-
Top 7 IT security frameworks and standards explained
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization. Continue Reading
Problem Solve IT security audits and audit frameworks Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
HIPAA compliance checklist: The key to staying compliant in 2020
Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading
-
Best practices to conduct a user access review
User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges. Continue Reading
-
How Big Finance and the feds conquered SecOps with code
SecOps is among the most daunting frontiers of DevOps transformation, but banks and the U.S. federal government are forging ahead using Puppet IT automation. Continue Reading