Abstract
The difficulty in managing security audits in organisations is investigated. A conceptual security audit framework is proposed and discussed. The proposed framework assists organisations to conduct security audits for today’s complex networks that spans across multiple domains, security estates and enterprise. Essential requirements such as types of security audits, things to consider before conducting a security audit, general guidelines in performing security audits, and audit trail analysis are well presented and discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Hayes, B.: Conducting a Security Audit: An Introductory Overview, Securityfocus (2003), http://www.securityfocus.com/infocus/1697
ISACA, http://www.isaca.org/
Lo, E.C., Marchand, M.: Security Audit: A Case Study. In: Proceeding of the CCECE, Niagara Falls, 0-7803-8253-6/04 © IEEE (May 2004)
Baharin, K.N., Md Din, N., Jamaludin, M., Md Tahir, N.: Third Party Security Audit Procedure for Network Environment. In: 4th National Conf. on Telecommunication Technology, Shah Alam, Malaysia (2003)
ISO/IEC – International Standard Organisation 27001:2005(E): Guide for Information Technology, Security Techniques, Information Security Mgt Systems and Requirements (2005)
Onwubiko, C.: Security Framework for Attack Detection in Computer Networks (December 2008) ISBN: 3639089340
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Onwubiko, C. (2009). A Security Audit Framework for Security Management in the Enterprise. In: Jahankhani, H., Hessami, A.G., Hsu, F. (eds) Global Security, Safety, and Sustainability. ICGS3 2009. Communications in Computer and Information Science, vol 45. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04062-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-04062-7_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04061-0
Online ISBN: 978-3-642-04062-7
eBook Packages: Computer ScienceComputer Science (R0)