IT Assurance Framework introduced

Posted by Tahir 24 July, 2008 (0) Comment

ISACA today introduced ITAF: A Professional Practices Framework for IT Assurance targeting the IT Auditing and Assurance professionals. The official release states:

ITAFTM consists of compliance and good practice setting guidance:

  • Provides guidance on the design, conduct and reporting of IT audit and assurance assignments
  • Defines terms and concepts specific to IT assurance
  • Establishes standards that address IT audit and assurance professional roles and responsibilities, knowledge, skills and diligence, conduct, and reporting requirements
The ITAF Structure

Figure 1: The ITAF Structure

More info here

Share/Save/Bookmark

Categories : compliance, general, news Tags : , , ,

Audit network devices with ease

Posted by Tahir 4 July, 2008 (0) Comment

Assessing security posture of network devices like routers and firewalls can become a nightmare when a security practitioner is faced with tens of devices with hundreds (sometimes thousands) of lines of configuration data to go through. Manually going through the entire configuration data may not always be the right course of action especially when faced with tight deadlines.

There is help available and it comes in the form of automation tools that can make our life easier. I will discuss a couple of tools that I have worked with and how they can support in auditing and vulnerability assessment activities. Read the rest of this entry

Share/Save/Bookmark

Categories : compliance, general, reviews Tags : , ,