[Hidden-tech] Security Auditor

Leslie Dwight gsidwight at gmail.com
Tue Nov 8 13:33:30 EST 2016

Previous message: [Hidden-tech] Security Auditor
Next message: [Hidden-tech] Security Auditor
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi David~

Any place I’ve ever worked as CTO/CIO we have been required to do an IT security audit.

In my experience, it’s mostly CYA, but it can be a really good exercise in discovery for the IT person in charge.

For example, they usually require passwords be changed every X days, which has ZERO security value, as well as pissing off users ;) (personal soapbox- sorry!)

Anyhow, usually the auditor hands a form to the IT person to fill out, so I’d contact the auditor to get their requirements.

Good luck!
Lili


> On Nov 7, 2016, at 10:29 PM, David Korpiewski <davidk at cs.umass.edu> wrote:
> 
> A company that I work for in the Valley has a yearly audit done and the auditor has recently told the CEO that its now required to have a computer security audit.  First I've heard of this, has anyone else heard of a required security audit when you get your books checked??  As the CEO wrote me:  " This isn’t something they’ve made up; it’s a legal requirement that they give an opinion on the status of ours – specifically, if there are gaps, they are required to bring these to the attention of our board."
> 
> Secondly, can anyone recommend a security auditor.  I'm not talking someone who thinks they know what they are doing, but actually someone who has done security auditing and is certified to do so. 
> Thank you very much
> 
> David
> 
> 
> 
> -- 
> --
> 
> ============================================
> David Korpiewski
> Software Specialist II
> Department of Computer Information 
>   and Computer Science
> 413-545-4319
> ============================================
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
> 
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members   
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20161108/0808cf85/attachment.html

Previous message: [Hidden-tech] Security Auditor
Next message: [Hidden-tech] Security Auditor
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Hidden-discuss mailing list