A Security Audit Framework for Security Management in the Enterprise

  • Conference paper
Global Security, Safety, and Sustainability (ICGS3 2009)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 45)

Abstract

The difficulty in managing security audits in organisations is investigated. A conceptual security audit framework is proposed and discussed. The proposed framework assists organisations in conducting security audits for today’s complex networks that span multiple domains, security estates and enterprises. Essential requirements such as types of security audits, things to consider before conducting a security audit, general guidelines in performing security audits, and audit trail analysis are presented and discussed.

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Onwubiko, C. (2009). A Security Audit Framework for Security Management in the Enterprise. In: Jahankhani, H., Hessami, A.G., Hsu, F. (eds) Global Security, Safety, and Sustainability. ICGS3 2009. Communications in Computer and Information Science, vol 45. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04062-7_2

  • DOI: https://doi.org/10.1007/978-3-642-04062-7_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04061-0

  • Online ISBN: 978-3-642-04062-7

  • eBook Packages: Computer Science (R0)
