omputer Audit, Systems Audit
and Information Security Audit Made Easy!
For All Your Computer Audit & Information Security Audit Needs
A computer and information security audit can be an extremely difficult undertaking. The growing complexity of information systems requires an extremely comprehensive and detailed audit programme. Hopefully, by identifying the most widely acclaimed products, we can help:
AUDIT CHECKLISTS & QUESTIONNAIRES
If you are seeking a toolkit of questionnaires and checklists with which to audit or review your e-commerce or network security, we strongly recommend the e-Security Toolkit
AUTOMATED AUDIT & RISK ANALYSIS – COBRA
By providing an automated approach, COBRA can make your security audit much more manageable.
A computer audit must embrace a variety of requirements. Consideration of risk is of growing importance, but fundamental to the whole security audit programme is compliance with the audit checklist and of course the organization’s information security policies.
COBRA is designed to cater for all these information security audit related demands. Through the COBRA Module Manager component, it is a simple task to integrate your existing security policies and/or audit checklist into the COBRA knowledge base. Many organizations create whole new COBRA knowledge bases, comprising exclusively of their own information security policies.
Another common trend is the integration of an external standard or policy into the computer audit exercise, such as BS7799. Again, this is straightforward with COBRA.
The following sites detail the use of COBRA in varying IT security audit type situations. If, however, you need further assistance or advice, please contact us.
The start page for the COBRA risk analysis method.
Auditing against BS7799 and using COBRA for ISO 17799/BS7799 compliance.
Using COBRA for audit against your own policies/checklists, or devolving COBRA for self compliance and management (note: for a pre-written set of information security policies, see Security Policy World).