Conducting an information security audit
Conducting an information security audit

Summary/Abstract: The rapid and dramatic advances in information technology (IT) in recent years have without question generated tremendous benefits. At the same time, information technology has created significant, unprecedented risks to government and to entities operations. So, computer security has become much more important as all levels of government and entities utilize information systems security measures to avoid data tampering, fraud, disruptions in critical operations, and inappropriate disclosure of sensitive information. Obviously, uses of computer security become essential in minimizing the risk of malicious attacks from individuals and groups, considering that there are many current computer systems with only limited security precautions in place.As we already know financial audits are the most common examinations that a business manager encounters. This is a familiar area for most executives: they know that financial auditors are going to examine the financial records and how those records are used. They may even be familiar with physical security audits. However, they are unlikely to be acquainted with information security audits; that is an audit of how the confidentiality, availability and integrity of an organization’s information are assured. Any way,if not, they should be, especially that an information security audit is one of the best ways to determine the security of an organization’s information without incurring the cost and other associated damages of a security incident.

• Details
• Contents