Sister CISA CISSP:

February, 2008

1

February 29, 2008  3:37 PM

It Makes Me Tear My Hair Out #1



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, IT audit, Security, Tearing My Hair Out

Visa, in conjunction with the US Chamber of Commerce, has published an alert that identifies the leading causes of data breaches. Full details can be found at the Chamber’s website. The five leading causes of card-related breaches...

February 25, 2008  6:17 PM

Call me “Kernel” Patch



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, IT audit, Microsoft Windows, Security

One of the junior members on my audit team likes to rag me about how often I harp on patching at various client sites. He started out by calling me "Captain Patch," but I pointed out that I like "Kernel" much better. Why have just a nickname when you can make a really good pun with it...


February 21, 2008  3:31 AM

Security by Auditor: Don’t Make Me Do It



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, IT audit, Security

When I go out on exams to client sites, I am often amazed that I find things in bad shape - terminated users on systems, unpatched servers, holes in firewalls, secret 5 on Cisco routers.....Why? Because it's not rocket science. Whether it's SOX, SAS 70 or PCI, auditors will be checking pretty...


February 15, 2008  8:24 PM

What Makes a Good IT Auditor?



Posted by: Arian Eigen Heald
Admins and Auditors, IT audit, Security

I had a great discussion today with the head of auditing for a regional bank. He talked about the need for IT Auditors to understand the systems they were auditing. But how much knowledge of technical environments should an IT Auditor have? Quick answer: As much as possible. I have...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: