Basics_ofITSecurity-6


Basics of IT Security & Audit
John E. Columbus, CISA
MSSE Class of 2010
4/13/2010
Columbus Consulting Group 2010
(c) Columbus Consulting Group 2010

What are your burning questions about IT Security or Audit?
Firewall ->

Agenda
Definitions / Terms
Relevance to you
Some expectations of people that hire IT staff
Risks & Errors
Key IT audit concepts
Security Ethics Question
What did you learn?
Lecture Feedback Survey

Today's Lecture

Key Definitions / Terms [1 of 5]
IT Security: Protecting business data by ensuring confidentiality, integrity and availability.
CIA: Confidentiality, integrity, availability.
IT Audit: Confirming controls on IT processes.
IT Compliance: Making sure IT processes stay within legal and regulatory rules.
PCI: Payment Card Industry standards.
DSS: Data Security Standard.
PII: Personally Identifiable Information. Various US and EU regulations about protecting this information.

Key Definitions / Terms [2 of 5]
HIPAA: The Health Insurance Portability and Accountability Act of 1996.
PHI: Personal Health Information. Information fields protected by HIPAA.
ePHI: Electronic PHI.
Privacy Rule: Protect patient privacy.
Security Rule: Safeguards to ensure confidentiality, integrity and availability.
ARRA: The American Recovery and Reinvestment Act of 2009. Includes increased security controls and reporting requirements.

Key Definitions / Terms [3 of 5]
Business Continuity (BC): Maintaining company processes when systems or locations are unavailable.
Disaster Recovery (DR): Restoring systems to critical operations, usually via hot site or backup site.
BC/DR: Business department responsible for above activities.

Key Definitions / Terms [4 of 5]
IT Governance: How the company, from the Board of Directors on down, monitors and controls the IT function, along with long-term IT planning. Becoming a key area for auditing.
Privacy vs. Security: Protecting people's privacy versus protecting information.

Key terms in my current project [5 of 5]
Sarbanes-Oxley (SOX): Federal law put into place after major fraud found in Enron (and auditors that helped, causing the fall of Arthur Andersen).
SOX 70 Customer audit / Compliance
Other audits
Entitlement Reviews / Provisioning...