IT security audits and audit frameworks
Be prepared for your next IT security audit. Check out our resources on audit planning, tools, reports, mistakes, procedures, management standards, and how to work with auditors and audit validation.
New & Notable
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
IT security audits and audit frameworks News
-
October 28, 2016
28
Oct'16
How Big Finance and the feds conquered SecOps with code
SecOps is among the most daunting frontiers of DevOps transformation, but banks and the U.S. federal government are forging ahead using Puppet IT automation.
-
October 18, 2016
18
Oct'16
Secret Service cybersecurity audit shows 'unacceptable' flaws
A cybersecurity audit of the U.S. Secret Service found 'unacceptable vulnerabilities' that leave the possibility of insider-threat activity and privacy violations.
-
June 10, 2016
10
Jun'16
Mozilla Secure Open Source Fund to aid developers with audits
Mozilla created the Secure Open Source Fund to help developers perform security audits on software in an effort to reduce the potential of another Heartbleed or Shellshock.
-
January 27, 2016
27
Jan'16
Congress demands Juniper backdoor audits by government agencies
Congressional oversight committee wants to know which U.S. government agencies used firewalls that may have been affected by the recently uncovered Juniper backdoor vulnerability.
IT security audits and audit frameworks Get Started
Bring yourself up to speed with our introductory content
-
Is information security gap analysis important for HIPAA compliance?
Security gap analysis is a strong, reliable technique for enterprises looking to assure HIPAA compliance. Expert Mike Chapple explains how to perform the analysis. Continue Reading
-
HIPAA and HITECH compliance: Who should perform assessments?
Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance. Continue Reading
-
How can health organizations prepare for HIPAA audits?
The long-awaited HIPAA audits conducted randomly by HHS are finally supposed to happen in 2015, but with stricter requirements. Here's how organizations can get ready. Continue Reading
Evaluate IT security audits and audit frameworks Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Electronic voting systems in the U.S. need post-election audits
Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems? Continue Reading
-
How can enterprises use SOC 2 reports to evaluate cloud providers?
Enterprises can use SOC 2 reports to evaluate cloud service providers. Expert Matthew Pascucci discusses the effectiveness of doing so, and what else companies can use. Continue Reading
-
Gartner on PCI DSS 3.0 changes: Bigger, harder and more expensive
Gartner analyst Avivah Litan discusses how Gartner clients are reacting to the changes in PCI DSS 3.0, and whether the increased rigor in the standard will prove beneficial to enterprises. Continue Reading
Manage IT security audits and audit frameworks
Learn to apply best practices and optimize your operations.
-
Embedded application security: Inside OWASP's best practices
OWASP released a draft of new guidelines for creating secure code within embedded software. Expert Judith Myerson discusses best practices, pitfalls to avoid and auditing tools. Continue Reading
-
The difference between security assessments and security audits
Security audits vs. security assessments solve different needs. Organizations may use security audits to check their security stature while security assessments might be the better tool to use. Expert Ernie Hayden explains the differences. Continue Reading
-
What's the best way to handle external security auditors?
Dealing with external security auditors can make IT professionals uncomfortable. Here are some ways to handle and make the most of the audit process. Continue Reading
Problem Solve IT security audits and audit frameworks Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How can companies avoid failing the annual FISMA audit?
The annual FISMA audit is designed to ensure companies need to have consistent security standards. Here's how to prepare for the audits. Continue Reading
-
Audit concerns when migrating from traditional firewall to NGFW
Learn about a potential audit concern when transitioning from a traditional firewall to a next-generation firewall. Continue Reading
-
How descoping measures can help reduce regulatory compliance burden
Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden. Continue Reading