Archive for December 2nd, 2008
IT Security Assessment Task
When someone mentions an IT security assessment or IT audit, the work usually involves some of the tasks below.
| Term | Definition | Purpose |
| --- | --- | --- |
| Gap assessment | A review of security controls against a standard | To provide a list of controls required to become compliant |
| Compliance audit | A verification that all required security controls are in place | To attest to an organization’s compliance with a standard |
| Security audit | A verification that specified security controls are in place | To attest to an organization’s adherence to industry standards |
| Penetration testing | A methodical and planned attack on a system’s security controls | To test the adequacy of security controls in place |
| Vulnerability scanning | An element of penetration testing that searches for obvious vulnerabilities | To test for the existence of obvious vulnerabilities in the system’s security controls |



