South Lake

Information System Audit & Information Security Management

COBIT (Control Objectives and related Technologies) is a set of best practices (framework) for information technology (IT) management, created by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI) in 1996. COBIT provides managers, auditors, and IT users with a set of generally accepted measures, indicators, processes and best practices, to assist them in maximizing the benefits derived through the use of information technology, and developing appropriate IT governance and control in a company.

More at: http://www.isaca.org

ISO/IEC 27000 is part of a growing family of ISO/IEC Information Security Management Systems (ISMS) standards, the 'ISO/IEC 27000 series'. The standard provides an overview of and introduction to the entire ISO/IEC 27000 family of ISMS standards. It also provides a glossary or vocabulary of fundamental terms and definitions used throughout the ISO/IEC 27000 family. Information security, like many technical subjects, is evolving a complex web of terminology. Relatively few authors take the trouble to define precisely what they mean, an approach which is unacceptable in the standards arena as it potentially leads to confusion and devalues formal assessment and certification.

Information System Audit

An information technology audit, or information systems audit, is an examination of the controls within an information technology (IT) infrastructure. The evaluation of obtained evidence determines whether the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.

Information Security

Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. The field of information security has grown and evolved significantly in recent years. There are many ways of gaining entry into the field as a career. It offers many areas for specialization, including securing networks and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning and digital forensic science.