security

Computer Auditing and Security

I’ve worked for the past year on a computer security committee at work and just wanted to put a couple of items out here to spur my memory. The Information Systems Audit and Control Association & Foundation has two certifications CISA-Certified Information Systems Auditor and CISM-Certified Information Security Manager. They also provide the intriguing Control Objectives for Information and related Technology CobiT. A lot of the content of the CobiT framework seems to parallel some of the efforts I’ve worked on to create a strategic plan for our corporate IT department.