IT security audits and audit frameworks
Be prepared for your next IT security audit. Check out our resources on audit planning, tools, reports, mistakes, procedures, management standards, and how to work with auditors and audit validation.
New & Notable
IT security audits and audit frameworks News
-
November 19, 2019
19
Nov'19
CrowdStrike: Incident response times still too long
A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident.
-
December 20, 2018
20
Dec'18
Twitter bugs expose user data and direct messages
Two Twitter bugs led to questions about the platform's user privacy and security, while the company said one of the bugs opened the door to possible state-sponsored attacks.
-
December 11, 2018
11
Dec'18
Second Google+ data exposure leads to earlier service shutdown
Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.
-
October 11, 2018
11
Oct'18
U.S. weapon systems cybersecurity failing, GAO report says
A U.S. Government Accountability Office report gave failing grades to military weapon systems cybersecurity, but some experts say the report should be a source of encouragement.
IT security audits and audit frameworks Get Started
Bring yourself up to speed with our introductory content
-
COBIT
COBIT is an IT governance framework for businesses wanting to implement, monitor and improve IT management best practices. Continue Reading
-
CISA exam preparation requires learning ethics, standards, new vocab
The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary. Continue Reading
-
CISA practice questions to prep for the exam
Ready to take the Certified Information Systems Auditor exam? Use these CISA practice questions to test your knowledge of the audit process job practice domain. Continue Reading
Evaluate IT security audits and audit frameworks Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Exploring GRC automation benefits and challenges
Governance, risk and compliance is a crucial enterprise task but can be costly and time-consuming. This is where GRC automation fits in. Learn about its benefits and challenges. Continue Reading
-
How to use the Mitre ATT&CK framework for cloud security
Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading
-
Security automation tools and analytics reshape SecOps efforts
To transition from being reactive to proactive in terms of cybersecurity threats, check out how SecOps teams can use security analytics and automation tools to make the change. Continue Reading
Manage IT security audits and audit frameworks
Learn to apply best practices and optimize your operations.
-
Best practices to conduct a user access review
User entitlement reviews ensure only authorized users have access to essential systems and data. Uncover the steps of a user access review and helpful best practices. Continue Reading
-
An adequacy audit checklist to assess project performance
Adequacy audits are conducted to assess the efficacy of IT system controls and identify areas for performance or other improvements. Use this audit checklist to get started. Continue Reading
-
How IAM systems support compliance
IAM is a key component of any security strategy, but its role in regulatory compliance is just as crucial. Read up on features and processes to make IAM work for your enterprise. Continue Reading
Problem Solve IT security audits and audit frameworks Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
HIPAA compliance checklist: The key to staying compliant in 2020
Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading
-
Top 7 IT security frameworks and standards explained
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization. Continue Reading
-
How Big Finance and the feds conquered SecOps with code
SecOps is among the most daunting frontiers of DevOps transformation, but banks and the U.S. federal government are forging ahead using Puppet IT automation. Continue Reading