IT AUDIT Articles
4 Ways to Get the Most from Your PCI QSAs
In response to Heartland CEO Robert Carr's claim that his qualified security assessors (QSAs) missed key weaknesses during a PCI security audit of his company, security experts offer tips to get the most from an assessment.
One Man's View: Heartland CEO Must Accept Responsibility
Security Incite's Mike Rothman read our interview with Heartland's CEO and didn't like it one bit. Here's why.
PCI, QSAs, Hackers, and Slackers: Will the Real Enemy Please Stand Up?
CSO Senior Editor Bill Brenner dives into a contentious debate over the Heartland CEO's tirade against QSAs and searches for reason. Will he find it?
Mass 201 CMR 17: A Survival Guide for the Anxious
Security experts offer tips for navigating Mass 201 CMR 17. Will your business be ready?
Sue the Auditor and Shut Down the Firm
Rothke and Mundhenk: "We are all in favor of throwing incompetent auditors to the dogs. Conversely, any organization that refuses to remediate security gap findings should be given an injunction"
Top 10 Reasons the Firewall Guy's Hair is on Fire
The firewall is a mature technology, right? Then why do those who manage it feel like they're running a daycare overrun with little savages?
PCI Security Pain: Amid Recession, Merchants Struggle to Comply
With the recession drying up compliance budgets, merchants send PCI Security Standards Council General Manager Bob Russo a letter asking for help (includes audio).
Social Engineering: The Fine Art of BS, Face to Face (Includes Video)
A confrontation with a facilities manager demonstrates social engineers' complete comfort dealing with (and manipulating) conflict.
Information Systems Audit: The Basics
What should you expect from an IS audit? Jennifer Bayuk spells out the audit process, step by step.
Where PCI DSS Still Falls Short (and How to Make it Better)
Former CISO and Symantec strategic consulting director Ariel Silverstone goes through PCI DSS line by line and offers suggestions to make it more effective.
