Top

Risk-based auditing to achieve enterprise security

April 29, 2010 by  

Here’s a new piece I wrote for SearchSecurity.com on using a risk-based auditing methodology to achieve enterprise security.

Some topics covered include:

  • Why use a risk-based audit
  • How to perform a risk assessment
  • Tips on categorizing assets
  • Classifying assets by criticality and confidentiality levels
  • Calculating risk and risk ranking
  • Developing an audit plan
  • A six-step audit methodology
  • A risk-based audit use case

Give it a read and let me know if you have any questions.

Comments

Feel free to leave a comment...
and oh, if you want a pic to show with your comment, go get a gravatar!





Bottom

Warning: Unknown: open(/home/content/30/5076530/tmp/sess_umvoduffk9ifua3379b29ct1i6, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0