10 Steps to your own IT Security Audit

Search
Archives
Categories
- News (103)
- Tips (50)
- Tools (210)
  - Anti-Spam (19)
  - Anti-Spyware (22)
  - Anti-Virus (24)
  - Content Filtering (20)
  - Disassembler (4)
  - Encryption (33)
  - Firewall (27)
  - Forensics (12)
  - Freeware (149)
  - Hardware (22)
  - IDS/IPS (43)
  - Linux/Unix (125)
  - Live CD (8)
  - Network (157)
  - OSX (80)
  - Packet Sniffer (32)
  - Password Cracker (8)
  - Patch Management (9)
  - Port Scanner (24)
  - Proxy (14)
  - VPN (16)
  - vulnerability Scanner (54)
  - Windows (123)
  - Wireless (17)
Books

Security Books

IT Security has a DIY version of how to conduct your own basic IT security audit. The 10 steps are not as extensive as a professional audit but it’s an excellent pointer for small organizations to get started protecting their company. After performing these 10 steps described in the article you’ll have a more clear idea of what assets you have, what kind of threats to expect and how to mitigate and deal with them.

Here are the 10 steps…, but you should go to the ITSecurity article for all the details on how to follow them.

1. Defining the Scope of Your Audit: Creating Asset Lists and a Security Perimeter

2. Creating a ‘Threats List’

3. Past Due Diligence & Predicting the Future

4. Prioritizing Your Assets & Vulnerabilities

5. Implementing Network Access Controls

6. Implementing Intrusion Prevention

7. Implementing Identity & Access Management

8. Creating Backups

9. Email Protection & Filtering

10. Preventing Physical Intrusions