June 21, 2010 7:56 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
IT auditSome dozen websites have the words "SAS 70" as part, or all of, their domain name on the web. Given the departure of the SAS 70 audit by 2011, I commented recently that they must not be having any fun. An anonymous reader ("CPA") wrote in to chastise me, to wit:
Does anyone think that......
June 18, 2010 9:16 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
IT auditIt is being replaced (of course!) by the ever-so-easy to say acronym: SSAE 16. (Statement on Standards for Attestation Engagements No. 16, Reporting on Controls at a Service Organization.) What a mouthful!
In April of this year, the AICPA (American Institute of Certified Public...
April 20, 2010 3:26 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
data securityNobody "likes" government regulations. But imagine what it would be like to live without them. What if there were no banking regulations - who would check to see if my money was safe? The bank?
I've worked in banks. The answer would be "no." Not without oversight. Banks have internal auditors,...
April 7, 2010 3:16 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
data security,
free tools,
information securityFor an admin, making the auditor happy is NOT the goal in life. It's to keep things running, squeeze in improvements, implement new products and do it with a work force that is always too small.
For an auditor, getting information to build a complete report, with all the test information, means...
January 11, 2010 12:06 AM
Posted by: Arian Eigen Heald
Admins and Auditors,
data security,
information security,
virtualI came across an article on a sister TechTarget site for VMWARE. Its' title immediately got my attention:
How to steal...
December 22, 2009 7:09 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Tearing My Hair OutIn a previous article, I talked about the issues faced by IT Security and financial auditors, in trying to come together. Financial auditors only care about financial systems and...
December 4, 2009 10:46 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Tearing My Hair OutIt often seems as if IT Security and auditors will never meet in the middle. As a person with one foot in either side of the fence, I'm often amazed how two groups with fundamentally the same goals can't seem to agree.
Usually, when this happens, I'm an auditor sitting with IT Security people,...
November 30, 2009 8:17 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Tools for Auditing and SecurityIf you're like me, if you see/or hear about one more "set of controls," "baselines," "standards" or "frameworks," you'll tear your hair out. And scream
For my money, the
September 25, 2009 3:41 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Digital Forensics,
information securitySooner or later, you will be called upon, as an Admin or an Auditor, to assist or address a possible fraud or event pertaining to someone's computer, laptop, pda or smartphone. People can be very anxious and over-react when an event is happening. Or, just as difficult, proceed to do nothing,...
