This course concentrates on teaching the participants Application and Data Security Auditing by exploring the components that relate to each. This course does not cover either physical location security or personal security. The result of this class is to have the participants work together to comprise an IT Security Checklist that can be then used.
Students should have a good grasp of Technology and User Security Functions and possible Access to Security SME for question sampling.
3 Days/Lecture & Lab
This class is designed for Internal IT Auditors, IT management, External IT Auditors.
- Overall Security Policy
- Software Security
- User Authority
- Structure (Object/Command/PGM) Security
- Login Security
- Logging Security
- Error Recovery
- Programming Interfaces and Exit Programs
- Local and Remote Administrations and Configurations
- Application Interfaces to External Resources
- Database Tables
- Special Features
- Security checklist