Who am I null nullcon Hackim Battle UnderGround Hyderabad Hackers missing two hackers
Companies are worried about?
Confidentiality: Restrictions on the accessibility and dissemination of information.
Integrity: Protecting data from modification or deletion by unauthorized parties.
Availability: Ensures that information or resources are available when required.
A control put into place to mitigate potential loss.
AUDITING: Industry needs it? Ch.Pardhasaradhi a.k.a Babloo
AGENDA: What is Auditing; Types of Auditors; Audit Planning; Audit Classification; Practical Examples; Phases of the Audit Process; Security Policy
Auditing: An audit is an evaluation of an organization, system, process, project or product. It is performed by competent, independent and objective persons, known as auditors, who then issue a report on the results of the audit. Who is responsible? Formerly called an Electronic Data Processing (EDP) audit.
Types of auditors: There are two types of auditors.
Internal Auditors: These are employees of a company hired to assess and evaluate its system of internal control.
External Auditor: These are independent staff assigned by an auditing firm to assess and evaluate financial statements of their clients or to perform other agreed-upon evaluations.
PHASES OF THE AUDIT PROCESS
AUDIT PLANNING
Audit Classifications
Security Policy: Security policies are a special type of documented business rule for protecting information and the systems which store and process the information.
Types Of Policies
Risk is the potential that a given threat will exploit vulnerabilities of an asset to cause loss or damage to the assets.
Risk Analysis
Risk assets are of two types
Conducting Internal Control Review
AICRs and ICRs have the same goal: Assessing a component's control system effectiveness. AICRs and ICRs also share common elements. Both types of reviews consist of the following steps:
1. Identifying what might go wrong (risk)
2. Comparing control systems to the GAO control standards
3. Testing control techniques
4. Documenting the evaluation
5. Planning corrective actions
6. Reporting the results
Auditing Standards and is widely applied by auditing firms. The assessment of inherent and control risk as less than high and the performance of a lower level of substantive procedures involves considerable judgment and entails a degree of risk.
Auditing practically through some software: MBSA, Log Parser, Event Viewer, Event tracker, Group Policy Editor in Windows.
gpedit.msc is only in Win7 Ultimate, Professional (old Business) and Enterprise editions, and not in the Windows 7 Home Premium or Basic editions.
gpedit.msc
Some Certification references: ISO 27001, CISA, CISSP
ISACA community: https://www.isaca.org/ (Hyderabad Chapter: http://isaca.org.in/)
CISSP (ISC2): https://www.isc2.org
GSNA (GIAC Systems and Network Auditor): http://www.giac.org/certifications/audit/gsna.php
References: CISSP GUIDE, Google, Wikipedia. References == Google
