Limited version - please login or register to view the entire paper.
Information Security Audit of the Department of Information Systems, University of Melbourne
The University of Melbourne
615-667 E-Commerce Security
Semester 1, 2003
Project 2:
Information Security Audit
of the Department of Information Systems
- Report-
Sebastian Wiemann
Student No 172372
June 1st, 2003
TABLE OF CONTENTS
EXECUTIVE SUMMARY 3
PART I ¡V REPORT DETAILS
1 Audit Characteristics 4
1.1 Security Audit Objectives 4
1.2 Security Audit Issues 5
1.3 Scope 7
2 Evaluation of Controls 8
2.1 Access Control 8
2.1.1 Physical access control 8
2.1.2 Logical access control 8
2.1.3 Access Monitoring 9
2.1.4 Investigation of suspicious access 10
2.2 Application Software Development and Change Control 10
2.3 System Software Control 10
2.3.1 Limiting access to system software 11
2.3.2 Identification and control of access paths 11
2.3.3 Review of system software installations 12
2.4 Additional Computer Secur...
The University of Melbourne
615-667 E-Commerce Security
Semester 1, 2003
Project 2:
Information Security Audit
of the Department of Information Systems
- Report-
Sebastian Wiemann
Student No 172372
June 1st, 2003
TABLE OF CONTENTS
EXECUTIVE SUMMARY 3
PART I ¡V REPORT DETAILS
1 Audit Characteristics 4
1.1 Security Audit Objectives 4
1.2 Security Audit Issues 5
1.3 Scope 7
2 Evaluation of Controls 8
2.1 Access Control 8
2.1.1 Physical access control 8
2.1.2 Logical access control 8
2.1.3 Access Monitoring 9
2.1.4 Investigation of suspicious access 10
2.2 Application Software Development and Change Control 10
2.3 System Software Control 10
2.3.1 Limiting access to system software 11
2.3.2 Identification and control of access paths 11
2.3.3 Review of system software installations 12
2.4 Additional Computer Secur...
Posted by: Novelett Roberts
Limited version - please login or register to view the entire paper.