Difference between revisions of "Security audit"
From Clinfowiki
Raquel.Y.Ngo (Talk | contribs) |
Raquel.Y.Ngo (Talk | contribs) |
||
| Line 10: | Line 10: | ||
===Where To Get Security Audit?=== | ===Where To Get Security Audit?=== | ||
| − | Either doing it yourself, or buying in. The first involves either developing your own security tests or acquiring software that will do the tests for you. The latter involves the use of external security consultants.<ref name="IT Security"></ref> | + | Either by doing it yourself, or buying in. The first involves either developing your own security tests or acquiring software that will do the tests for you. The latter involves the use of external security consultants.<ref name="IT Security"></ref> |
===References=== | ===References=== | ||
<references/> | <references/> | ||
Revision as of 18:31, 29 March 2015
Contents
What is Security Audit?
Security Audit is a systematic measurable technical assessment evaluation of the security of a company’s information system on how well it conforms to a set of established criteria. A complete and thorough audit will include security assessment of the system’s physical configuration and environment, software, information handling processes, and user practices[1].
Why Perform a Security Audit?
- To ensure security systems are working
- To ensure an adequate level of protection
- To ensure own security isn't lacking
- To prove compliance with some legislative laws[2]
Where To Get Security Audit?
Either by doing it yourself, or buying in. The first involves either developing your own security tests or acquiring software that will do the tests for you. The latter involves the use of external security consultants.[2]
References
- ↑ Tech Target: Security Audit. http://searchcio.techtarget.com/definition/security-audit
- ↑ 2.0 2.1 IT Security: Security Audits for Dummies. http://www.itsecurity.com/features/feature-dummies-guide-security-audit/
