SAPLIB

The environment of the data center will come under scrutiny as well. Not only will the auditors examine the physical access controls to the data center but they will also examine the suitability of the data center to house sensitive information and systems. As such the following items are examined
- The structure of the walls, ceiling, and floor
- The security of the wiring
- Fire suppression
- Environmental controls
- Power (more…)

Popularity: 38% [?]

Logical access controls determine which individuals have access to what information. Some of the items examined here are mechanisms in place on computer and network systems and some pertain to the overall architecture of the offerings provided by the organization. Some of the items that will be investigated include
- Individuals who have access to client information
- Individuals with privileged access to network devices such as firewalls and routers and computer systems
- Appropriateness of individual access to job function
- Appropriateness of user management procedures to identify dormant and unused accounts and to determine individual access
- Restriction of customer access to prevent the sharing of information
- Mechanisms in place to prevent unauthorized access to client information (both with regard to other clients and employees)

The information that is necessary to evaluate these issues is not solely related to the controls on the computer systems. The auditors will need to understand the underlying architecture that separates sensitive information and the procedures used by the organization to manage user access effectively.

Popularity: 41% [?]

SAP Security In-Depth is a free technical publication leaded by the Onapsis Research Labs with the purpose of providing specialized information about the current and future risks in the SAP security field, allowing all the different actors (financial managers, information security managers, SAP administrators, auditors, consultants and the general professional community) to better understand the involved risks and the techniques and tools available to assess and mitigate them. (more…)

Popularity: 66% [?]

Download Free Wireless LAN Security Policy Checklist
- Identify who may use WLAN technology in an company
- Identify whether Internet access is required
- Describe who can install access points and other wireless equipment
- Provide limitations on the location of and physical security for access points
- Describe the type of information that may be sent over wireless links
- Describe conditions under which wireless devices are allowed (more…)

Popularity: 69% [?]

Download free IT Planning and Value Enhancement Checklist
- Does your company have a documented and established IT planning process and is IT planning aligned with corporate planning?
- Does the IT planning process combine planning content and monetary variables?
- Has the smooth cooperation between the IT department and business units and centralized and decentralized units been ensured for your IT planning system? (more…)

Popularity: 44% [?]