"Asking questions is a good way of finding out about something." - Kermit the Frog.
"Don’t confuse a plan with execution. A plan is good intentions. You don’t win with good intentions.” – General Russel, Honore, Joint Task Force Katrina.
Why should we audit? - My favorite reply to this question is:
"Quoniam Stercus Accidit" which translates (roughly) into "Because Stuff Happens".
__________________________________________________________
1. Security group (SANS) ranks human error as top security worry.
“Paller's organization compiles an annual report on the top to Internet security targets. This year ‘human vulnerabilities’ will make their first appearance on a list that is typically made up of software products like Internet Explorer, databases, and file sharing applications.
That's because the human factor is being exploited in a growing number of targeted attacks as more and more criminals come online in Eastern Europe and Asia , Paller said.”
http://www.infoworld.com/article/06/11/15/HNhumanerror_1.html?source=rss&url=http://www.infoworld.com/article/06/11/15/HNhumanerror_1.html
2. SANS Top - 20 Internet Security Attack Targets (The 2006 Annual Update)
http://www.sans.org/top20/
3. Auditing Information Security - Evaluating the Effectiveness of Your Information Security Program (An upcoming Dec 19th webinar).
http://www.complian ceonline. com/ecommerce/ control/training Focus?product_ id=700258&category_id= 30008&full_desc=yes
4. More Courses by Dan Swanson Auditing IT Initiatives- Assessing Implementation
Auditing a Compliance and Ethics Program Evaluating the Design and Operating Effectiveness
http://www.complianceonline.com/ecommerce/control/trainingFocus?product_id=700218&category_id=30008&parent_category_id=
http://www.complianceonline.com/ecommerce/control/trainingFocus?product_id=700238&category_id=30008&parent_category_id=
SIncerely.
Dan
____________ _________ _________ _________ _________ _________ _________
"Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction, and skillful execution; it presents the wise choice of many alternatives. "
- W. Foster.
____________ _________ _________ _________ _________ _________
www.securitybenchmark.com
http://finance.groups.yahoo.com/group/Dans_SECemails/
http://finance.groups.yahoo.com/group/Dans_CCCemails/
http://www.complianceweek.com/
____________ _________ _________ _________ _________ __
My latest white paper is now available at ITCI.
http://www.itcinstitute.com/display.aspx?id=2499
____________ _________ _________ _________
The IT Audit Checklist for Risk Management offers:
80 specific checklist items to help assess your audit-readiness
Clarification on what auditors want to see
Tips on how to effectively communicate with an auditor
Pointers on audit preparation, testing, and reporting
http://www.itcinstitute.com/
Note - a brief registration may be required to download the free ITCI white paper.
____________ _________ _________ _________ _________ _________ _________
"Keeping Up Your SOX Compliance - (A new white paper that I wrote).
And Turning IT into a High Performer by improving Change Control."
____________ _________ _________ _________ _________ _________ _________
a. http://www.tripwire.com/resources/asset_request.cfm?aid=2184
b. http://www.tripwire.com/resources/whitepapers/index.cfm
Note - A brief registration may be required (to download the free Tripwire white paper).
____________ _________ _________ _________ _________ _________ _________
---------------------------------
Sponsored Link
$200,000 mortgage for $660/mo - 30/15 yr fixed, reduce debt, home equity - Click now for info
[Non-text portions of this message have been removed]
.