Home >
> Auditing |
 |
|
|
|
An Information Technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. |
 |
|
Results 1 - 25 of 47 matches |
Sort Results By : Published Date | Title | Company name |
|
|
Managing Privileged Users on the IBM AS/400 (System i) |
|
|
One of the most common security lapses uncovered in AS/400 (System i) audits is too many users with privileged access to data. Read this white paper to learn about managing, limiting, and auditing privileged and powerful user accounts on the AS/400 and discover answers to the following questions: What are the security exposures from powerful user accounts with SECOFR user class and special authorities such as *ALLOBJ? What are your auditors looking for? How can you configure your AS/400 system to comply with IT frameworks such as COBIT and ISO 27002 (17799)?
Download Now
|
 |
|
|
|
Optimizing Infrastructure Control |
| By : Tripwire |
Published Date: Jun 06, 2008 |
|
This paper outlines the nature of infrastructure integrity, change auditing, and compliance solutions. It describes how an investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; be a force multiplier; and provide a solid foundation that increases the effectiveness of the investment in information security.
Download Now
|
 |
|
|
|
Proving Compliance with McAfee Total Protection for Data |
| By : McAfee |
Published Date: May 01, 2008 |
|
Companies feel a sense of security from encrypting data stored on corporate systems on desktops, laptops and mobile devices. They believe this act will protect their intellectual property, and sensitive customer information will remain safe and secure from unauthorized access. But that is not enough. Simply encrypting this information doesn’t help you prove compliance with external regulations or internal controls during a financial audit or legal discovery process.
Download Now
|
 |
|
|
|
Gene Kim's Practical Steps to Mitigate Virtualization Security Risks |
| By : Tripwire |
Published Date: Mar 28, 2008 |
|
Tripwire founder/CTO Gene Kim provides seven practical steps that IT organizations can take to mitigate the unique security challenges of virtualization. While some are directed specifically at virtualized environments, many of these steps are solid best practices that apply to both physical and virtualized environments.
Download Now
|
|
|
|
|
|
|
|
|
Ensure the Integrity of your Content: ProofMark System Technical Overview |
|
|
This paper details the processes by which ProofMark tags electronic records with a self-validating cryptographic seal that acts as a "tamper indicator" based on a true and provable time-reference datum. With this it is able to provide instantaneous and irrefutable proof of authenticity, no matter where the data resides or who has controlled it.
Download Now
|
 |
|
|
|
|
|
Meeting the PCI Application Security Requirements: Building Compliance In |
|
|
The PCI DSS is demonstrably becoming a de facto standard of due care for any organization responsible for the privacy and integrity of data. The increased focus on application security in the latest revisions of the PCI DSS can be traced directly to many of the recent high profile breaches, where insecure applications have proved to be the point of access for hackers, and the source of data loss.
Download Now
|
 |
|
|
|
Best Practices for Audit and Compliance Reporting for IBM AS/400 (System i) |
|
|
Compliance with regulations such as Sarbanes-Oxley, PCI, HIPAA and GLBA requires regular audit reporting against critical information technology (IT) assets. This whitepaper outlines the key items that need to be reviewed on AS/400 (System i) for both configuration data and transactional log information from the audit journal. The white paper also provides guidance on integrating the AS/400 with Security Information Management (SIM) solutions.
Download Now
|
|
|
|
|
10 Reasons your RADIUS Server Needs a Refresh |
|
|
For over a decade now, RADIUS servers have been a mainstay of dial-up and VPN access control. The rather inconspicuous RADIUS server, perhaps better known as that beige, general-purpose PC collecting dust in the corner of your data center, has proved sufficient for performing basic duties like validating passwords and granting network access.
Download Now
|
 |
|
|
|
Host Access Management with CA Access Control |
| By : CA |
Published Date: Sep 13, 2007 |
|
Your organization relies on servers to store and access to your most critical information resources. CA Access Control is a product that centralizes control and distributed enforcement of appropriate role-based access to sensitive server resources.
Download Now
|
 |
|
|
|
Secure Remote Vendor Access to the Enterprise Data Center |
|
|
Enabling IT equipment vendors to perform remote service on your data centers helps maximize uptime and lower TCO—but at what risk? Dial-up modems and VPNs introduce security vulnerabilities and lack sufficient auditing capabilities—making it virtually impossible to track external access and maintain data center security. Download this white paper to learn how you can manage security risks, lower service-related costs, achieve regulatory and internal compliance, and more.
Download Now
|
 |
|
|
|
|
|
Identifying Critical Change Control Failure Points |
|
|
Identifying critical change control failure points in your infrastructure can help reduce the threat of costly downtime, potential security breaches, and compliance weaknesses. Read this paper for guidelines on how to identify and categorize systems that have characteristics which heighten risk.
Download Now
|
 |
|
|
|
|
|
Email and IM Prep for Your Next Regulatory Audit |
|
|
A millisecond of downtime can mean millions of dollars. Maintaining compliance while ensuring your firm has the required speed and uptime can be daunting. Learn what you can do with your email and instant messages to prepare for your next regulatory audit.
Download Now
|
 |
|
|
|
|
|
|
|
|
|
|
|
UNIX Host Access Management with CA Access Control |
| By : CA |
Published Date: May 07, 2007 |
|
UNIX and Linux systems have inherent security issues that pose high risk to the business objectives of complying with regulations and data protection. To reduce security risks, you need full superuser containment and the ability to enforce strict access control to critical system resources through centralized and automated policy management across different platforms.
Download Now
|
|
|
|
|
Pre-Test DR & Business Continuity Plans |
| By : Shunra |
Published Date: Mar 18, 2007 |
|
Effective IT disaster recovery and business continuity planning is essential for every business. All businesses depend on their IT services for moment-to-moment operations. It is vital to ensure that those services are not disrupted due to any disaster. Pre-test your plans in a simulated network.
Download Now
|
 |
|
|
|
|
|
|
| |
|
|
|
Results 1 - 25 of 47 matches |
Sort Results By : Published Date | Title | Company name |
|
|
<< Start < Previous 1 2 Next > End >>
|
More Security Topics |
|
Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security, PCI Compliance |
|
 |
|
RSS
