The IT Regulatory and Standards Compliance Handbook:: How to Survive Information Systems Audit and Assessments

Craig S. Wright

買這商品的人也買了...

相關主題

商品描述

This book provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs.


Key Features:

* The ulitmate guide to making an effective security policy and controls that enable monitoring and testing against them
* The most comprehensive IT compliance template available, giving detailed information on testing all your IT security, policy and governance requirements
* A guide to meeting the minimum standard, whether you are planning to meet ISO 27001, PCI-DSS, HIPPA, FISCAM, COBIT or any other IT compliance requirement
* Both technical staff responsible for securing and auditing information systems and auditors who desire to demonstrate their technical expertise will gain the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems from this book
* This technically based, practical guide to information systems audit and assessment will show how the process can be used to meet myriad compliance issues

商品描述(中文翻譯)

本書提供了全面的方法論,使負責IT安全審計的人員能夠建立一個健全的框架,以滿足合規性方面的挑戰,並與業務和技術需求相一致。這本書提供了一種在組織整體需求的更大範圍內解釋複雜且常常令人困惑的合規性要求的方法。

主要特點:
* 提供了制定有效安全策略和控制措施的最終指南,使其能夠進行監測和測試
* 提供了最全面的IT合規性模板,詳細介紹了測試所有IT安全、政策和治理要求的信息
* 提供了滿足最低標準的指南,無論您計劃滿足ISO 27001、PCI-DSS、HIPPA、FISCAM、COBIT還是其他任何IT合規性要求
* 本書將使負責保護和審計信息系統的技術人員以及希望展示其技術專長的審計師獲得應用基本風險分析技術和進行信息系統技術審計的知識、技能和能力
* 這本以技術為基礎的實用指南將展示如何使用該過程來滿足各種合規性問題。