Tuesday, December 18, 2012
Audit security
What is meant by security audit?
There are different definitions for security audits. Safety audit is a systematic analysis of security of an enterprise information system by measuring how well corresponds to a number of established security policies and other criteria.
security audit control of an organization or business to determine the physical, financial and computer techniques to the access control and information systems at the level of vulnerability of the attacks by unauthorized persons or criminals.
A Security Audit has developed a specific process to ensure the security of a company assumed risks and controls or countermeasures economy, the judge to lessen the risk. It is basically a human process, managed by a team of meeting technical and business knowledge of enterprise assets in information technology and business processes. As part of an evaluation, the team has to interview key personnel, conduct vulnerability assessments, catalog existing security policies and controls, and evaluate IT assets covered by the scope of the audit. In most cases, rely heavily on technology tools to perform the test.
There are a number of service providers offering services companies in the security audit. Corporate Business Services have their specialty in security audits. Investigators have full information about your company and business activities before the security audit. The process of auditing security involves several steps.
steps involved in the process of audit security:
define the territorial scope audit : The audit team should define the security perimeter, where the test is accomplished.
The physical scope of the audit, the auditor to focus on the assets, processes and policies in a manageable way
define the scope of the process audit. It Security measures to describe the audit process, how to structure effective security processes or areas that should be included in an audit It is important that any company, regardless of size, to set limits on security process or place the focus of examination.
his conduct Due Diligence: This step involves a review of the previous audit. In addition, the auditor should develop a comprehensive inventory of assets within the context of a physical examination and a complete list of security controlled relevant to the asset.
Develop the audit plan. The steps of the security audit a specific description of the scope of the examination, critical data / milestones, dependencies and participants
Perform risk assessment Security: After the audit team to effectively plan in place, they start the core of the test - the risk assessment. The risk assessment also follow certain steps.
document the results of the audit: The sixth step of safety audit summary process, the provision of audit. necessary updates / corrections and supporting data in the form of the show
define and implement new / updated controls: This is the last step of audit process security. The advantage of undergoing the security check that it gives concrete recommendations for optimizing business processes Security Recommendations should be in the form of checks, possess business, the deadline for adoption and the person responsible for adoption. Do not forget to specify the deadlines and specific responsibilities of operating.
Detective in India offers the Security Audit services in India. Audit security in India now essential services to every business. Now are common to all businesses and industries.
Labels:
Security