IT security audits and audit frameworks

Be prepared for your next IT security audit. Check out our resources on audit planning, tools, reports, mistakes, procedures, management standards, and how to work with auditors and audit validation.

New & Notable

Download this free guide

Download: Your Complete Guide to IAM

Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

IT security audits and audit frameworks News

November 19, 2019 19 Nov'19
CrowdStrike: Incident response times still too long

A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident.
December 20, 2018 20 Dec'18
Twitter bugs expose user data and direct messages

Two Twitter bugs led to questions about the platform's user privacy and security, while the company said one of the bugs opened the door to possible state-sponsored attacks.
December 11, 2018 11 Dec'18
Second Google+ data exposure leads to earlier service shutdown

Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.
October 11, 2018 11 Oct'18
U.S. weapon systems cybersecurity failing, GAO report says

A U.S. Government Accountability Office report gave failing grades to military weapon systems cybersecurity, but some experts say the report should be a source of encouragement.

IT security audits and audit frameworks Get Started

Bring yourself up to speed with our introductory content

CISA exam preparation requires learning ethics, standards, new vocab

The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary. Continue Reading
CISA practice questions to prep for the exam

Ready to take the Certified Information Systems Auditor exam? Use these CISA practice questions to test your knowledge of the audit process job practice domain. Continue Reading
COBIT

COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices. Continue Reading

Evaluate IT security audits and audit frameworks Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

How to identify and evaluate cybersecurity frameworks

Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one. Continue Reading
Electronic voting systems in the U.S. need post-election audits

Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems? Continue Reading
How can enterprises use SOC 2 reports to evaluate cloud providers?

Enterprises can use SOC 2 reports to evaluate cloud service providers. Expert Matthew Pascucci discusses the effectiveness of doing so, and what else companies can use. Continue Reading

Manage IT security audits and audit frameworks

Learn to apply best practices and optimize your operations.

Top 7 IT security frameworks and standards explained

Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization. Continue Reading
Embedded application security: Inside OWASP's best practices

OWASP released a draft of new guidelines for creating secure code within embedded software. Expert Judith Myerson discusses best practices, pitfalls to avoid and auditing tools. Continue Reading
The difference between security assessments and security audits

Security audits vs. security assessments solve different needs. Organizations may use security audits to check their security stature while security assessments might be the better tool to use. Expert Ernie Hayden explains the differences. Continue Reading

Problem Solve IT security audits and audit frameworks Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

HIPAA compliance checklist: The key to staying compliant in 2020

Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading
Best practices to conduct a user access review

User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges. Continue Reading
How Big Finance and the feds conquered SecOps with code

SecOps is among the most daunting frontiers of DevOps transformation, but banks and the U.S. federal government are forging ahead using Puppet IT automation. Continue Reading