Network Security - Information Security Audits (word count 1200)
Which of the following would be part of an bi-annual corporate audit (see a-e) and what type of information would be gathered including which polices if any would apply?
(see attachment)
a)A review of background investigation materials for randomly selected security personnel.
b)An discussion with a small number of randomly selected employees about how they handle passwords.
c)Reviews of all firewall logs since the last security audit
d)A search of random employee PCs for P2P software used for illegally sharing music and corresponding music files (assume this is against corporate policy
e)An discussion with the division CIO about the performance review processes used for the security staff.