Whitepapers - SC Magazine US
Search the Library
 
Home >

Security

>

Auditing
An Information Technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.

Results 1 - 25 of 45 matches Sort Results By : Published Date | Title | Company name
Managing Privileged Users on the IBM AS/400 (System i)
By : PowerTech Published Date: Jun 19, 2008
One of the most common security lapses uncovered in AS/400 (System i) audits is too many users with privileged access to data. Read this white paper to learn about managing, limiting, and auditing privileged and powerful user accounts on the AS/400 and discover answers to the following questions: What are the security exposures from powerful user accounts with SECOFR user class and special authorities such as *ALLOBJ? What are your auditors looking for? How can you configure your AS/400 system to comply with IT frameworks such as COBIT and ISO 27002 (17799)?
Download Now
PowerTech
Best Practices for Audit and Compliance Reporting for IBM AS/400 (System i)
By : PowerTech Published Date: Nov 01, 2007
Compliance with regulations such as Sarbanes-Oxley, PCI, HIPAA and GLBA requires regular audit reporting against critical information technology (IT) assets. This whitepaper outlines the key items that need to be reviewed on AS/400 (System i) for both configuration data and transactional log information from the audit journal.  The white paper also provides guidance on integrating the AS/400 with Security Information Management (SIM) solutions.
Download Now
PowerTech
How One Company Conquered the Audit Challenge
By : Qualys Published Date: Aug 08, 2006
The Marine Corps Community Services (MCCS) manages a global network that serves Marines and their families. MCCS chose a managed service to conduct comprehensive vulnerability assessments and prioritize patches and fixes.
Download Now
Qualys
Meeting the PCI Application Security Requirements: Building Compliance In
By : Ounce Labs Published Date: Nov 15, 2007
The PCI DSS is demonstrably becoming a de facto standard of due care for any organization responsible for the privacy and integrity of data. The increased focus on application security in the latest revisions of the PCI DSS can be traced directly to many of the recent high profile breaches, where insecure applications have proved to be the point of access for hackers, and the source of data loss.
Download Now
Ounce Labs
Winning the PCI Compliance Battle: A Guide for Merchants and Member Service Providers
By : Qualys Published Date: Oct 31, 2006
This white paper reviews the basics of PCI, including who must comply, compliance requirements, validation requirements and penalties. It also examines key things to look for when selecting a PCI network testing service and introduces QualysGuard PCI.
Download Now
Qualys
Don't Dread that Network Audit: Compliance with Government Regulation and Industry Standards
By : Qualys Published Date: Aug 08, 2006
Security administrators need to be more proactive about preventing attacks, making vulnerability assessments a crucial tool in their portfolio.
Download Now
Qualys
Email and IM Prep for Your Next Regulatory Audit
By : mindSHIFT Published Date: Jul 30, 2007
A millisecond of downtime can mean millions of dollars. Maintaining compliance while ensuring your firm has the required speed and uptime can be daunting. Learn what you can do with your email and instant messages to prepare for your next regulatory audit.
Download Now
mindSHIFT
Monitor System Changes And User Activity
By : NetIQ Corporation Published Date: Jul 11, 2007
Learn how to meet regulatory requirements for system change and user activity monitoring with NetIQ Change Guardian for Windows, without the need for performance-hindering native auditing.

Download Now
NetIQ Corporation
Privacy, Compliance, and International Data Flows
By : NetIQ Corporation Published Date: Jun 14, 2006
Mandatory compliance requirements often vary or conflict. Discover the major issues and appropriate actions organizations must take today to protect the privacy of information and meet legal and contractual requirements.
Download Now
NetIQ Corporation
Pre-Test DR & Business Continuity Plans
By : Shunra Published Date: Mar 18, 2007
Effective IT disaster recovery and business continuity planning is essential for every business. All businesses depend on their IT services for moment-to-moment operations. It is vital to ensure that those services are not disrupted due to any disaster. Pre-test your plans in a simulated network.
Download Now
Shunra
Effectively Delegate Administrative Privileges
By : NetIQ Corporation Published Date: Aug 27, 2007
Learn how delegating administrative privileges can aid in improving administrative productivity, system availability and security, while satisfying the demands of auditors.  Read this new white paper from NetIQ today.
Download Now
NetIQ Corporation
Going Beyond Standard Windows Auditing & Logging
By : TSFactory Published Date: Jun 01, 2006
In lieu of Sarbanes-Oxley, HIPAA, and other regulations, one of the main concerns in the IT industry today is security. In this white paper, we take a deeper look at the security concerns, the available solutions, their drawbacks, and a new complementary way of addressing today's security issues.
Download Now
TSFactory
Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
By : Tripwire Published Date: Mar 28, 2008
Tripwire founder/CTO Gene Kim provides seven practical steps that IT organizations can take to mitigate the unique security challenges of virtualization. While some are directed specifically at virtualized environments, many of these steps are solid best practices that apply to both physical and virtualized environments.
Download Now
Tripwire
How to Perform Network-Wide Security Event Log Management
By : GFI Published Date: Jan 02, 2007

Download Now
GFI
Host Access Management with CA Access Control
By : CA Published Date: Sep 13, 2007
Your organization relies on servers to store and access to your most critical information resources. CA Access Control is a product that centralizes control and distributed enforcement of appropriate role-based access to sensitive server resources.
Download Now
CA
IBM's Banking Data Warehouse and Basel II
By : IBM Published Date: Dec 01, 2005

This white paper will outline the components of the Banking Data Warehouse (BDW) and how they assist financial institutions to address the data modeling and data consolidation issues relating to the Basel II Capital Accord. 


Download Now
IBM
Identifying Critical Change Control Failure Points
By : Solidcore Published Date: Aug 27, 2007
Identifying critical change control failure points in your infrastructure can help reduce the threat of costly downtime, potential security breaches, and compliance weaknesses. Read this paper for guidelines on how to identify and categorize systems that have characteristics which heighten risk.

Download Now
Solidcore
Improving SOX Compliance Efforts with Self-Service Auditing
By : Solidcore Published Date: Aug 25, 2007
This paper lays out the challenges with complying with SOX and suggests a radical solution: build a self-service, automated IT control framework in which all the information required to verify compliance is available in a single reporting system.

Download Now
Solidcore
Keeping Up Your SOX Compliance and Turning IT into a High Performer by Improving Change Control
By : Tripwire Published Date: Jan 26, 2007
This paper covers the implementation, disclosure and ongoing evaluation of internal controls for SOX compliance with a focus on the role of IT, as well as the penalties for non-compliance.
Download Now
Tripwire
10 Reasons your RADIUS Server Needs a Refresh
By : Identity Engines Published Date: Oct 15, 2007
For over a decade now, RADIUS servers have been a mainstay of dial-up and VPN access control. The rather inconspicuous RADIUS server, perhaps better known as that beige, general-purpose PC collecting dust in the corner of your data center, has proved sufficient for performing basic duties like validating passwords and granting network access.
Download Now
Identity Engines
Leveraging Automation to Quickly Reveal Vulnerabilities
By : Cenzic Published Date: Nov 30, 2005
With web applications constantly evolving, finding vulnerabilities is a challenging, costly and time-consuming undertaking.  Find out how Cenzic's powerful security solutions help information security teams quickly identify problems, regularly assess web application security strength and ensure regulatory compliance.
Download Now
Cenzic
Leveraging Lifecycle Management for Software and Business Adapt Ability
By : Borland Published Date: Oct 02, 2006
In this white paper, you'll learn how to clearly define business requirements, align them with testing, and evolve development processes to prevent defects.
Download Now
Borland
40% PCI Non-Compliance? How to Beat The Stats Without Breaking a Sweat
By : Solidcore Published Date: Jan 07, 2008
New report issued by Fortrex, Emagined Security and Solidcore reveals the cost of PCI compliance is justified. These PCI requirements exist to protect sensitive data - yet, research indicates that these are among the least satisfied requirements across Level 1 merchants, with almost 40% non-compliance. 

Download Now
Solidcore
Practical Guide to Sarbanes-Oxley Compliance
By : Ecora Software Published Date: Jul 05, 2006
Learn about the Sarbanes-Oxley regulatory background and its impact on IT departments. This document provides information pertaining to access issues, change documentation, disaster recovery planning and illustrations of key audit-ready reports.
Download Now
Ecora Software
Prepare for Successful Audits: A Change Management Manager Checklist
By : Solidcore Published Date: Dec 13, 2007
This IT audit checklist guide includes advice on assessing the effectiveness of change management in a variety of areas.   As companies grow more dependent on interdependent IT systems, the risks associated with untested changes in development and production environments have increased proportionately.

Download Now
Solidcore
 
Results 1 - 25 of 45 matches Sort Results By : Published Date | Title | Company name
Home >

Security

>

Auditing
<< Start < Previous 1 2 Next > End >>

More Security Topics
Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security
SUBSCRIBE FORM
Receive an email alert whenever new research is added into:
Auditing
Enter your email below:

RELATED TOPICS
Best Practices
233 Documents
Business Management
189 Documents
Compliance
206 Documents
Enterprise Software
118 Documents
Governance
33 Documents
HIPAA Compliance
41 Documents
High Availability
97 Documents
IT Management
250 Documents
Project Management
69 Documents
Sarbanes Oxley Compliance
61 Documents
Security
214 Documents
Security Management
169 Documents
Software Compliance
35 Documents

Search the Library
This Weeks Most Popular Reports Most Popular Topics Vendor Directory
Network Security Research                                                                                                
Learn about lead generation opportunities and list your white papers

This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.

Your use of this website constitutes acceptance of Haymarket Media's Privacy Policy and Terms & Conditions
4.1562838554382