Search results
Jump to navigation
Jump to search
Page title matches
- ==IT Audit Roles and Responsibilities== ...e important element of an effective internal control system is an internal audit function that includes adequate IT coverage.<br> ...28 KB (4,089 words) - 14:37, 16 April 2007
- ==Security Audit Guidance== ...audit guidance, please refer to [[Audit_Guidance_Examination_Procedures | Audit Guidance Examination Procedures]] ...5 KB (665 words) - 14:40, 11 April 2007
- ==Information Security Audit== ...ination_Procedures | Information Technology Audit]] or a computer security audit. However, information security encompasses much more than IT. Auditing info ...21 KB (3,112 words) - 16:52, 15 June 2007
- ...g rules. Also, if fraud occurs and your organization has not completed the audit requirements, financial and legal responsibility will be placed more heavil ...2 KB (235 words) - 09:48, 23 October 2012
- ==Audit Guidance Examination Procedures== ...ion related to IT controls. These procedures will disclose the adequacy of audit coverage and to what extent, if any, the examiner may rely upon the procedu ...32 KB (4,518 words) - 17:53, 11 April 2007
Page text matches
- ...s and determine that they include audit log retention policies and require audit log retention for at least one year. ...insert number and/or description of sample) system components, verify that audit logs are available online or on tape for at least one year. ...415 bytes (66 words) - 15:25, 21 February 2007
- :'''PCI-10.2 Implement automated audit trails to reconstruct the following events, for all system components:'''<b ::[[Image:Key-control.jpg]][[PCI-10.2.3:|PCI-10.2.3 Access to all audit trails.]]<br> ...4 KB (530 words) - 17:53, 7 July 2006
- :'''Retain your audit trail history for a period that is consistent with its effective use, as we :* An audit history usually covers a period of at least one year, with a minimum of thr ...2 KB (332 words) - 21:09, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (291 words) - 20:37, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (290 words) - 20:39, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (290 words) - 20:36, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (292 words) - 20:38, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (290 words) - 20:37, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (296 words) - 20:36, 2 March 2007
- :'''Implement automated audit trails to reconstruct the following events, for all system components:'''<b :* Confirm though inquiry, review of audit logs, and review of audit log settings for (insert as-of dates) for the samples of (insert number and ...2 KB (293 words) - 20:40, 2 March 2007
- ...7.7:|'''SOX.2.7.7''']] The problem management system provides for adequate audit trail facilities, which allow tracing from incident to underlying cause. 1. Determine if the organization’s procedures include audit trail facilities—tracking of the incidents. ...2 KB (297 words) - 19:19, 25 June 2006
- ## The Company shall employ a centralized audit-logging scheme such that audit logs are securely written to a centralized log system. ## The centralized log system shall provide a mechanism for archiving audit logs in accordance with applicable legal and regulatory requirements. ...3 KB (444 words) - 20:12, 15 January 2014
- ...ist on the staff? Please provide the name and phone number of the internal audit contact person or senior IS specialist responsible for providing assistance ...A.4''']] Are periodic tests or reviews of the system made by the internal audit staff to ensure that controls are functioning in accordance with establishe ...2 KB (354 words) - 20:12, 25 June 2006
- ==Security Audit Guidance== ...audit guidance, please refer to [[Audit_Guidance_Examination_Procedures | Audit Guidance Examination Procedures]] ...5 KB (665 words) - 14:40, 11 April 2007
- :'''Secure audit trails so they cannot be altered in any way, including the following:'''<br ::'''PCI-10.5.1:''' Only individuals who have a job-related need can view audit trail files. ...2 KB (275 words) - 21:01, 2 March 2007
- :'''Secure audit trails so they cannot be altered in any way, including the following:'''<br ::'''PCI-10.5.3:''' Current audit trail files are promptly backed up to a centralized log server or media tha ...2 KB (283 words) - 21:02, 2 March 2007
- :'''Record at least the following audit trail entries for each event, for all system components:'''<br> ...on, for each auditable event mentioned in [[PCI_10: | PCI-10.2]], that the audit trail captures the following information: ...2 KB (274 words) - 20:44, 2 March 2007
- :'''Record at least the following audit trail entries for each event, for all system components:'''<br> ...on, for each auditable event mentioned in [[PCI_10: | PCI-10.2]], that the audit trail captures the following information: ...2 KB (274 words) - 20:47, 2 March 2007
- :'''Record at least the following audit trail entries for each event, for all system components:'''<br> ...on, for each auditable event mentioned in [[PCI_10: | PCI-10.2]], that the audit trail captures the following information: ...2 KB (273 words) - 20:43, 2 March 2007
- :'''Record at least the following audit trail entries for each event, for all system components:'''<br> ...on, for each auditable event mentioned in [[PCI_10: | PCI-10.2]], that the audit trail captures the following information: ...2 KB (275 words) - 20:45, 2 March 2007
- :'''Record at least the following audit trail entries for each event, for all system components:'''<br> ...on, for each auditable event mentioned in [[PCI_10: | PCI-10.2]], that the audit trail captures the following information: ...2 KB (280 words) - 20:46, 2 March 2007
- :'''Secure audit trails so they cannot be altered in any way, including the following:'''<br ::'''PCI-10.5.2:''' Current audit trail files are protected from unauthorized modifications via access contro ...2 KB (282 words) - 21:01, 2 March 2007
- :'''Record at least the following audit trail entries for each event, for all system components:'''<br> ...on, for each auditable event mentioned in [[PCI_10: | PCI-10.2]], that the audit trail captures the following information: ...2 KB (281 words) - 20:48, 2 March 2007
- ::'''1. PCI-10.5.1 Limit viewing of audit trails to those with a job-related need.''' ::'''2. PCI-10.5.2 Protect audit trail files from unauthorized modifications.''' ...3 KB (377 words) - 18:52, 4 May 2006
- ...ze the effectiveness of and to minimize interference to or from the system audit process. This section provides templates for an Information Security Progra ==Information systems audit considerations== ...6 KB (774 words) - 12:41, 25 May 2007
- ...rance services to provide the board—this will occur most likely through an audit committee—with timely independent assurance about the compliance of IT with ISO12.3 System audit considerations.<br> ...2 KB (300 words) - 13:39, 4 May 2006
- ...ants or certification bodies. Qualifications of individuals performing the audit must be ensured.<br> ...2 KB (294 words) - 13:08, 4 May 2006
- Documentation for EDP audit packages used to detect method of crime as subject of discovery is discusse ...522 bytes (72 words) - 10:44, 5 March 2009
- Association for Computing Machinery Special Interest Group on Security Audit and Control, 11 W 42 St., New York NY 10036 (212) 869-7440. ...631 bytes (82 words) - 02:56, 5 March 2009
- ...ailability, and testing. Perform a [[Information_Security_Audit | security audit]] reassessment when significant technical or logical discrepancies occur du ...2 KB (329 words) - 13:35, 6 March 2007
- * '''Audit:''' Review and audit are required to ensure that the organization’s CM process is adhered to and :'''Primary forms of audit include:''' ...7 KB (942 words) - 15:09, 23 March 2007
- ...g rules. Also, if fraud occurs and your organization has not completed the audit requirements, financial and legal responsibility will be placed more heavil ...2 KB (235 words) - 09:48, 23 October 2012
- Implement internal control, security and audit ability measures during configuration, integration and maintenance of hardw ...1 KB (146 words) - 17:19, 7 June 2006
- ...ontrol.jpg]][[PCI-9.1.1:|PCI-9.1.1 Use cameras to monitor sensitive areas. Audit this data and correlate with other entries. Store for at least three months ...Key-control.jpg]][[PCI-9.4:|PCI-9.4 Use a visitor log to retain a physical audit trail of visitor activity. Retain this log for a minimum of three months, u ...4 KB (604 words) - 15:30, 1 March 2007
- :'''Secure audit trails so they cannot be altered in any way, including the following:'''<br ...2 KB (283 words) - 21:03, 2 March 2007
- ...:''' Verify, via observation and inquiry of the system administrator, that audit trails are enabled and active, including for any connected wireless network ...2 KB (278 words) - 20:33, 2 March 2007
- :'''Secure audit trails so they cannot be altered in any way, including the following:'''<br ...2 KB (290 words) - 21:04, 2 March 2007
- ...ns that currently have a [[SAS 70]] service auditor’s examination (“SAS 70 audit”) performed, some changes will be required to effectively reporting under t ...ce Auditor's Report, a service organization may have to entertain multiple audit requests from its customers and their respective auditors. Multiple visits ...10 KB (1,457 words) - 21:20, 21 August 2012
- ...-virus mechanisms are current, actively running, and capable of generating audit logs.]]<br> ...1 KB (199 words) - 18:10, 28 February 2007
- :'''Use a visitor log to retain a physical audit trail of visitor activity. Retain this log for a minimum of three months, u ...2 KB (317 words) - 14:19, 2 March 2007
- ==IT Audit Roles and Responsibilities== ...e important element of an effective internal control system is an internal audit function that includes adequate IT coverage.<br> ...28 KB (4,089 words) - 14:37, 16 April 2007
- ...any of your flagship applications will not pass this test. A more complete audit will include source code reviews and other more advanced techniques to circ ...''' You will need ''WRITTEN'' permission from your company to perform this audit. Failure to obtain such permission may get you fired and or prosecuted.<br> ...14 KB (2,387 words) - 13:41, 4 April 2007
- ::'''1. PCI.10.7: Retain your audit trail history for a period that is consistent with its effective use, as we ...2 KB (270 words) - 18:42, 5 May 2006
- ...environment and control framework. [[Information_Security_Audit | Security audit]] assessments using industry best practices and benchmarking should be used ...2 KB (291 words) - 13:41, 6 March 2007
- ...us mechanisms are current, and actively running, and capable of generating audit logs.<br> ...2 KB (333 words) - 18:15, 28 February 2007
- 2. Determine if an audit trail exists of all emergency activity and verify that it is independently ...3 KB (372 words) - 13:56, 23 June 2006
- ITIL 4.3 Audit and evaluate<br> ...2 KB (270 words) - 14:54, 5 May 2006
- ...e considered. It is important that [[Information_Security_Audit | security audit]] remains independent.<br> ...4 KB (591 words) - 19:45, 14 June 2007
- * PCI-9.1.1 Use cameras to monitor sensitive areas. Audit this data and correlate with other entries. Store for at least three months ...at the date of expiration.PCI.9.4: Use a visitor log to retain a physical audit trail of visitor activity. Retain this log for a minimum of three months, u ...5 KB (674 words) - 18:14, 21 June 2006
- ...ortant professional groups are the ACM Special Interest Group on Security, Audit and Control,[[FN37]] the IEEE Security and Privacy Committee,[[FN38]] and t ...2 KB (298 words) - 15:17, 22 February 2009