Auditing and Security

A complete and definitive guide to auditing the security of IT systems for managers, CIOs, controllers, and auditors This up-to-date resource provides all the tools you need to perform practical security audits on the entire spectrum of a company's IT platforms-from the mainframe to the individual PC-as well as the networks that connect them to each other and to the global marketplace. Auditing and Security: AS/400, NT, Unix, Networks, and Disaster Recovery Plans is the first book on IT security written specifically for the auditor, detailing what controls are necessary to ensure a secure system regardless of the specific hardware, software, or architecture a company runs. The author uses helpful checklists and diagrams and a practical, rather than theoretical, method to understanding and auditing a company's IT security systems and their requirements. This comprehensive volume covers the full range of issues relating to security audits, including: * Hardware and software * Operating systems * Network connections * The cooperation of logical and physical security systems * Disaster recovery planning