Article | REF: H5130 V1

Security audits - Methodology, tools and feedback

Author: Laurent BUTTI

Publication date: April 10, 2013

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!


Français

1. What about audits?

This section introduces the context of information systems security auditing. It describes the main approaches to security auditing, which will serve as the basis for the other two parts of this dossier.

1.1 Context

Auditing is a "systematic, independent and documented process for obtaining evidence and evaluating it objectively to verify that audit criteria are met". The auditor is then the "person with the competence to conduct an audit". (source: ISO/IEC 19011).

"The security audit of an information system (IS) is a view at a moment T of all or part of the IS, making it possible to compare the state of the IS with a repository." (source: Wikipedia).

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!


The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors
+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year
From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Safety and risk management

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
What about audits?