- Assess the organization's needs
- Develop policies to meet these needs
- Implement these policies
- Train the employees accordingly
- Perform an audit to ensure the above items are in compliance.
The methodology used by the auditor can vary depending on the scope and requirements of the audit. In addition,...
many auditors are also now certified by the Information Systems Audit and Control Association, or ISACA, which is a great organization.
Dig Deeper on Network Administration
Related Q&A from Michael Gregg
Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ... Continue Reading
Security expert Michael Gregg discusses the disadvantages to a layered approach to enterprise security. Continue Reading
Learn how to change your security settings to allow ActiveX in Internet Explorer 6 or later, from our enterprise security expert Michael Gregg. Continue Reading