Basics_ofITSecurity-2

4/13/2010

Basics of IT Security & Audit
John E. Columbus, CISA
MSSE Class of 2010
© Columbus Consulting Group 2010

What are your burning questions about IT Security or Audit?

[Diagram: Firewall]

Agenda
Definitions / Terms
Relevance to you
Some expectations of people that hire IT staff
Risks & Errors
Key IT audit concepts
Security Ethics Question
What did you learn?
Lecture Feedback Survey

Today’s Lecture

Key Definitions / Terms [1 of 5]
IT Security – “Protecting business data by ensuring confidentiality, integrity and availability.”
CIA – Confidentiality, integrity, availability.
IT Audit – “Confirming controls on IT processes”
IT Compliance – Making sure IT processes stay within legal and regulatory rules.
PCI – Payment Card Industry standards.
DSS – Data Security Standard.
PII – Personally Identifiable Information – various US and EU regulations about protecting this information.

Key Definitions / Terms [2 of 5]
HIPAA – The Health Insurance Portability and Accountability Act of 1996
PHI – Personal Health Information – Information fields protected by HIPAA.
ePHI – Electronic PHI.
Privacy Rule – Protect patient privacy.
Security Rule – Safeguards to ensure confidentiality, integrity and availability.
ARRA – The American Recovery and Reinvestment Act of 2009 – Includes increased security controls and reporting requirements.

Key Definitions / Terms [3 of 5]
Business Continuity (BC) – Maintaining company processes when systems or locations are unavailable.
Disaster Recovery (DR) – Restoring systems to critical operations usually via hot site or backup site.
BC/DR – Business department responsible for above activities.

Key Definitions / Terms [4 of 5]
IT Governance – How the company, from the Board of Directors on down, monitors and controls the IT function along with long-term IT planning. Becoming a key area for auditing.
Privacy vs. Security – Protecting people’s privacy versus protecting information.

Key terms in my current project [5 of 5]
Sarbanes-Oxley (SOX)
Federal law put into place after major fraud found in Enron (and auditors that helped, causing the fall of Arthur Andersen)
SOX 70 – Customer audit / Compliance
Other audits
Entitlement Reviews / Provisioning

Agenda
Definitions / Terms
Relevance to you
Some expectations of people that hire IT staff
Risks & Errors
Key IT audit concepts
Security Ethics Question
What did you learn?