Identity and Access Management - GTAG 9
Practice Aid :
Published on March 15, 2012
Common Vulnerabilities and Exposures
Overview :
Common Vulnerabilities and Exposures (CVE) is a list or dictionary of publicly known information security vulnerabilities and exposures, international in scope and free for public use. CVE's common names facilitate the exchange of vulnerability information across security advisories, tools, databases, and services that did not exist prior to the creation
Published on January 28, 2011
PCI Data Security Standard Requirements and Security Assessment Procedures
Professional Standards :
The Payment Card Industry (PCI) Data Security Standard (DSS) provides a baseline of technical and operational requirements designed to protect cardholder data.
Published on December 14, 2010
Payment Card Industry (PCI) Data Security Standard - Requirements and Security Assessment Procedures
Article :
PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data. PCI DSS applies to all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data. PCI DSS
Published on December 02, 2010
Information Security Management Content Suite
Report :
The following content is intended to introduce CPAs to the basic concepts and terminology surrounding IT security.
Published on September 25, 2010
ABCs of IT Security for CPAs
Overview :
An organization's security policy is a living document. It evolves over time to meet new challenges, as well as changing objectives and philosophies on a variety of security-related issues, from hardware configuration to human behavior. Security policy is a governance issue.
Published on September 25, 2010
Critical Security Audit Considerations
Article :
Don’t Let This Happen to You: Critical Information Security Audit Considerations. This article will address specific policies, procedures, and methods related to the security portion of an information technology internal audit. Security is arguably the most important element of an IT audit and requires that validity testing be interwoven through
Published on August 12, 2010
Information Security Management
Article :
Information Security is one of the major areas of concern for our government as it faces threats to the nation's critical infrastructure. For organizations, prevention of compromise to their information assets makes this issue a priority as focus and
Published on July 20, 2010
Identity Management Access Control
Article :
Control of system and application levels.
Published on July 20, 2010
Imagine that the finance department internal audit passed with flying colors
Article :
Review of specific policies and procedures related to the security portion of Information Technology internal audit.
Published on July 07, 2010
Information Security Triangle Checklist
Checklist :
Published on April 17, 2010
ABCs of IT Security for CPAs #7 A CPA's Introduction to Security Maintenance Considerations
Article :
Published on February 04, 2010
ABCs of IT Security for CPAs #6 Introduction to Perimeter Security
Article :
Published on February 04, 2010
ABCs of IT Security for CPAs #8 A CPA's Introduction to Peripheral Security Management
Article :
Published on February 04, 2010
ABCs of IT Security #4 Introduction to Mobile & Remote Computing Security Considerations
Article :
A broad overview of the mobile security landscape provided at a time when mobile devices are growing and changing rapidly and creating new opportunities for potential attack and exploitation.
Published on February 04, 2010