Scribd Logo
Unggah

Selamat datang di Scribd!

  • It Security Audit Plan and Deliver Able Stem Plates

    Diunggah oleh

    rajesh35techie
    456 tayangan2 halaman
    Security Audit Plan

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    XLS, PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    Security Audit Plan

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai XLS, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    456 tayangan2 halaman

    It Security Audit Plan and Deliver Able Stem Plates

    Diunggah oleh

    rajesh35techie
    Security Audit Plan

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai XLS, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 2

    IT Security Audit Plan and Deliverables Templates

    Area Description Deliverables


    1. Vulnerability This involves scanning the infrastructure set Vulnerability Report: Presents
    Scanning up to reveal any existing vulnerabilities. vulnerabilities in the company’s IS
    setup.
    2. Report Audit This involves auditing reports that are Audit Report: An Audit report is
    regularly generated as a part of the Security prepared giving a security overview,
    management process of the organisation. and the results of all the audits and
    Audits are conducted on: Logs – logs that reports are prepared and presented.
    are maintained within the system (syslogs)
    by the network, system and database
    components. IDS Reports – reports that are
    generated by the Intrusion Detection System
    on an on-going basis. Any other reports that
    are maintained/generated by the
    organisation as part of its security
    maintenance program.

    3. Security This involves auditing the existing security Security Architecture Audit Report
    Architecture Audit architecture of the organisation.
    4. Baseline Auditing This involves auditing the security setup to Baseline Auditing Report
    verify that it is in accordance with the
    security baseline of the organisation.
    Deviations are recorded to analyse
    compliance during the audit period.
    5. Internal Control and This involves auditing the existing workflow Internal Control and Workflow Audit
    Workflow Audit in the organisation to ascertain whether it is Report
    sufficient to handle and escalate response to
    security issues.
    6. Policy Audit The Security policy is audited to ensure that Policy Audit Report
    it is in line with the business objectives of the
    organisation and complies with standards
    that the company follows or wishes to follow.

    7. Threat/Risk Assessment of the various risks and threats Threat/Risk Assessment Report:
    Assessment facing the company’s Information systems. Presents the various threats and
    Taking into account the results of the audits, risks the company faces as a result
    this assessment gives an overall picture of of the existing vulnerabilities
    the security risk/ threat to the organisation. including faulty policy, architecture,
    etc.
    Notes

    Anda mungkin juga menyukai