Security Audit

MUST READ Best practices for choosing an outside IT auditor TIP - Learn six points for choosing the right outside auditor. The future role of the CISO: Keeping auditors at bay TIP - CISOs have little discretionary budget or time to make any improvements that are not directly related to HIPAA or SOX compliance. For some, this is a benefit. Cheat sheet: 10 ways to prep for auditors ARTICLE - There are 10 ways to prepare for those auditors knocking at your door -- and avoid wasting time and money.

EXPERT TECHNICAL ADVICE: 1 - 3 of 22

SECURITY AUDIT EXPERTS
			Mike Rothman President and Principal Analyst ASK A QUESTION

	Filtering log data: Looking for the needle in the haystack Submitted By: SearchSecurity.com | 24 Oct 2007 TIP - In this illustrated tip, network security expert David Strom demonstrates how to use a log-filtering tool to quickly make use of all those voluminous log files.

	Preparing for a network security audit starts with monitoring and remediation 23 Oct 2007 TIP - Mike Chapple explains how a detailed network security change-management and remediation process can make audit preparation much easier.

	Dissecting compliance workflow processes Submitted By: SearchSecurity.com | 24 Sep 2007 TIP - Special guest Compliance School instructor Tom Bowers explains why a compliance workflow model makes sense and how it makes auditors happy.

	VIEW ALL EXPERT TECHNICAL ADVICE ON SECURITY AUDIT

NEWS: 1 - 3 of 23

	Hannaford breach illustrates dangerous compliance mentality SearchSecurity.com | 04.02.2008 OPINION - As Executive Editor Dennis Fisher explains, the Hannaford supermarket breach illustrates how too much emphasis on compliance puts critical data at risk.

	Data breach costs soar SearchSecurity.com | 29 Nov 2007 ARTICLE - A Ponemon Institute study indicates the costs associated with data breaches have soared and will continue to skyrocket unless companies do more to prevent them in the first place.

	IBM to boost security spending, push PCI DSS program SearchSecurity.com | 01 Nov 2007 ARTICLE - IBM plans to invest $1.5 billion on security research in 2008. The company is also using recent acquisitions to introduce a PCI DSS program.

	VIEW ALL NEWS ON SECURITY AUDIT

REFERENCE & LEARNING: 1 - 3 of 11

	Conclusion: The Risk Mitigation Challenges of the "12 PCI Commandments" SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - In this guide, Craig Norris draws some important PCI compliance conclusions.

	Strategies for success -- PCI DSS Requirement 1: Install and maintain a firewall configuration to protect cardholder data SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. Craig Norris explains the extra work that needs to be done.

	Strategies for success -- PCI DSS Requirement 10: Track and monitor all access to network resources and cardholder data SearchSecurity.com | 19 Sep 2007 LEARNING GUIDE - Many organizations must manually track each system's log files to comply with PCI DSS. In this guide, Craig Norris explains how to pass PCI's troublesome tenth requirement.

	VIEW ALL REFERENCE & LEARNING ON SECURITY AUDIT

MAGAZINE CONTENT (free subscription required): 1 - 1 of 1

	Architect Security and Compliance Programs to Be Complementary Information Security Magazine | 01 Jun 2008 COLUMNS - Perspectives: Shake On It

	VIEW ALL MAGAZINE CONTENT ON SECURITY AUDIT

WEBCASTS: 1 - 3 of 3

5 Steps for SOX Compliance - Expert Webcast VIEW WEBCAST PREMIERED:   26 OCT 2006, 09:00 EDT (13:00, GMT) SUMMARY:   This Podcast offers five easy steps that help your company comply with a SOX audit and improve your overall security posture. Listen to this Podcast and examine where your reporting divisions should beand who you should turn to for help when you are trying to comply with SOX regulations.

	Making effective use of database monitoring/auditing tools for security and compliance - Expert Webcast VIEW WEBCAST PREMIERED:   12 OCT 2006, 12:00 EDT (16:00, GMT) SUMMARY:   This webcast will help you understand how monitoring/auditing tools map to data compliance/security requirements and what to look for to determine which tools will work best for your environment.

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 1, Security management practices - Expert Webcast VIEW WEBCAST PREMIERED:   14 OCT 2004, 09:00 EDT (13:00, GMT) SUMMARY:   While viruses, worms and hacking grab all the news headlines, sound security management practices are the foundation of any organization's security success.

	VIEW ALL WEBCASTS ON SECURITY AUDIT

	SEE ALSO - Topics Related to Security Audit:  PCI Data Security Standard, FFIEC, Gramm-Leach-Bliley Act (GLBA), HIPAA, Sarbanes-Oxley Act, Data Security Breach Laws and Notification, Data Privacy, FISMA