Risk-based auditing to achieve enterprise security

April 29, 2010 by · Leave a Comment 

Here’s a new piece I wrote for on using a risk-based auditing methodology to achieve enterprise security.

Some topics covered include:

  • Why use a risk-based audit
  • How to perform a risk assessment
  • Tips on categorizing assets
  • Classifying assets by criticality and confidentiality levels
  • Calculating risk and risk ranking
  • Developing an audit plan
  • A six-step audit methodology
  • A risk-based audit use case

Give it a read and let me know if you have any questions.


Warning: Unknown: open(/home/content/30/5076530/tmp/sess_hbe64jc3es3u44vk7q0nhlnfp1, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0