Here’s my list of IT/security basics that I think IT auditors ought to know. If you can’t understand and audit these items, you do not know enough about technology to avoid having the wool pulled over your irises (not matter how good an auditor you are). The list is in no particular order.
If you’re a CISA or CISSP and you don’t know the following, I think you have some work to do.
Continue reading →
Like this:
Like Loading...
Filed under Audit, How to..., Security, Technology
Tagged as active directory, Audit, complexity, database, DHCP, DNS, IP, know, password, permissions, ping, printer, share, URL, whack, wireless, WPA
Auditors use the following secrets and tricks to ensure that control owners can’t run and hide. If you do audits of any type and don’t use these tricks, you might want to consider adding them to your toolbox. If you are the one getting audited, beware!
Here’s some of my favorite sneaky tricks:
Continue reading →
Like this:
Like Loading...
ITauditSecurity 