1

Click here to load reader

Security Network Audit Steps

Embed Size (px)

DESCRIPTION

audit sécurité informatique

Citation preview

Page 1: Security Network Audit Steps

SECURITY AUDIT

SECURITY AUDIT STEPS 1. Vulnerability Scanning This involves scanning the infrastructure set up to reveal any existing vulnerabilities. 2. Report Audit This involves auditing reports that are regularly generated as a part of the Security management process of the organisation. Audits are conducted on:

Logs – logs that are maintained within the system (syslogs) by the network, system and database components.

IDS Reports – reports that are generated by the Intrusion Detection System on an on-going basis. Any other reports that are maintained/generated by the organisation as part of its security maintenance

program.

3. Security Architecture Audit This involves auditing the existing security architecture of the organisation. 4. Baseline Auditing This involves auditing the security setup to verify that it is in accordance with the security baseline of the organisation. Deviations are recorded to analyse compliance during the audit period. 5. Internal Control and Workflow Audit This involves auditing the existing workflow in the organisation to ascertain whether it is sufficient to handle and escalate response to security issues. 6. Policy Audit The Security policy is audited to ensure that it is in line with the business objectives of the organisation and complies with standards that the company follows or wishes to follow. 7. Threat/Risk Assessment Assessment of the various risks and threats facing the company’s Information systems. Taking into account the results of the audits, this assessment gives an overall picture of the security risk/ threat to the organisation. DELIVERABLES 1. Vulnerability Report: Presents vulnerabilities in the company’s IS setup. 2. Threat/Risk Assessment Report: Presents the various threats and risks the company faces as a result of

the existing vulnerabilities including faulty policy, architecture, etc. 3. Audit Report: An Audit report is prepared giving a security overview, and the results of all the audits and

reports are prepared and presented. SPECIALISED SKILLS 1. Certified Internet Security systems (ISS) specialists 2. Network, OS and database specialists 3. Certified Information systems auditor (CISA)

Company Confidential Version 1.0 1

Is Security Audit

Is Security Audit

Documents
r Fp Security Audit

r Fp Security Audit

Documents
Conops Security Audit Services

Conops Security Audit Services

Business
STEPS TOWARDS A CLEAN AUDIT

STEPS TOWARDS A CLEAN AUDIT

Documents
IT Security Auditing. Topics Defining IT Audit Risk Analysis Internal Controls Steps of an IT Audit Preparing to be Audited Auditing IT Applications Who

IT Security Auditing. Topics Defining IT Audit Risk Analysis Internal Controls Steps of an IT Audit Preparing to be Audited Auditing IT Applications Who

Documents
ICAO Universal Security Audit Programme ICAO Regional Aviation Security Audit Seminar Security... · 2015-01-15 · ICAO Universal Security Audit Programme (USAP) USAP Continuous

ICAO Universal Security Audit Programme ICAO Regional Aviation Security Audit Seminar Security... · 2015-01-15 · ICAO Universal Security Audit Programme (USAP) USAP Continuous

Documents
AUDIT SECURITY

AUDIT SECURITY

Documents
Print Security Audit System

Print Security Audit System

Documents
Asset auditor - Steps in the Audit Process

Asset auditor - Steps in the Audit Process

Technology
OVERVIEW OF THE ICAO UNIVERSAL SECURITY AUDIT civil … - USAP_ICAO Security Aud… · UNIVERSAL SECURITY AUDIT PROGRAMME (USAP) ICAO Aviation Security Audit Section 2 2 Action by

OVERVIEW OF THE ICAO UNIVERSAL SECURITY AUDIT civil … - USAP_ICAO Security Aud… · UNIVERSAL SECURITY AUDIT PROGRAMME (USAP) ICAO Aviation Security Audit Section 2 2 Action by

Documents
Security Audit and Security Tools

Security Audit and Security Tools

Technology
Professional audit in 7 steps

Professional audit in 7 steps

Documents
IT Security Auditing Martin Goldberg. Today’s Topics Defining IT Audit and the Auditor Steps of an IT Audit Preparing to be Audited How IT Audit Applications

IT Security Auditing Martin Goldberg. Today’s Topics Defining IT Audit and the Auditor Steps of an IT Audit Preparing to be Audited How IT Audit Applications

Documents
Information Security Audit Guidance

Information Security Audit Guidance

Documents
CUSTOMER Information Security Audit Report · CUSTOMER Information Security Audit Report Version 1.0 Date Wednesday, 18 January 2006 . CUSTOMER Information Security Audit Report –

CUSTOMER Information Security Audit Report · CUSTOMER Information Security Audit Report Version 1.0 Date Wednesday, 18 January 2006 . CUSTOMER Information Security Audit Report –

Documents
Security Audit Log

Security Audit Log

Documents
IT Security Audit Checklist€¦ · IT security audit checklist3 4 steps to protecting your business Cybersecurity is a major concern for businesses, especially since hackers are

IT Security Audit Checklist€¦ · IT security audit checklist3 4 steps to protecting your business Cybersecurity is a major concern for businesses, especially since hackers are

Documents
cloud security audit

cloud security audit

Documents
Steps in it audit

Steps in it audit

Education
Security Audit Pm

Security Audit Pm

Documents
Audit Steps

Audit Steps

Documents
Security Audit Certificate - eWON · Audit process: OSSTMM & OWASP ... communication channel Test type: Double gray box Security Audit Certificate Audit modules: ... (Security Test

Security Audit Certificate - eWON · Audit process: OSSTMM & OWASP ... communication channel Test type: Double gray box Security Audit Certificate Audit modules: ... (Security Test

Documents
Management VLAN Audit Steps

Management VLAN Audit Steps

Documents
THE UNIVERSAL SECURITY AUDIT PROGRAMME … · the universal security audit programme the universal security audit programme 1 (usap)

THE UNIVERSAL SECURITY AUDIT PROGRAMME … · the universal security audit programme the universal security audit programme 1 (usap)

Documents
Audit, Compliance & Security

Audit, Compliance & Security

Documents
Systems Security & Audit Operating Systems security

Systems Security & Audit Operating Systems security

Documents
Database Security & Audit

Database Security & Audit

Documents
Security Audit Ppt

Security Audit Ppt

Documents
Security Audit Report

Security Audit Report

Documents
Steps to Conducting a Policy Library Audit

Steps to Conducting a Policy Library Audit

Documents