获得专家指导, 研究政策和程序,以便在IT审计和保证职业生涯中保持领先地位.
零信任审计计划
零信任是一种安全模型,它要求组织网络的所有用户都经过身份验证, 授权, 综述了, and validated periodically to ensure appropriate access privileges are granted and maintained and more importantly rights are deactivated when they are no longer needed to perform work duties.
谷歌云平台审计程序
随着谷歌的不断发展和普及® 云平台®),目前是第三大云服务提供商, ISACA has developed an audit program that helps auditors assess and test 控制 coverage adequacy and effectiveness of GCP® 服务.
身份和访问管理审核程序
ISACA的 身份和访问管理审核程序 provides specific testing and evaluation criteria to assist auditors in assessing the adequacy of safeguards in place to mitigate IAM risks.
物理和环境安全审计程序
网络安全 and audit practitioners may talk in terms of physical security being a part of cybersecurity or physical security being a subset of cybersecurity. 虽然在网络安全方面如何定义物理安全可能存在不同的意见, there is agreement that physical security may be overlooked while digital threats are considered from many perspectives.
COBIT为DevOps审计程序
ISACA开发了这个审计程序,作为COBIT重点领域:开发运维,使用COBIT的伙伴® 2019. The focus area publication describes how COBIT framework concepts apply to DevOps and is intended to help enterprises evaluate management practices important to the development of an effective governance system over DevOps.
目标:敏捷审计
目标:敏捷审计, you will find a history lesson on Agile—from its beginning to more recent adoption approaches—as well as insight into the benefits of incorporating Agile into enterprise audit practices. 获得敏捷审计工具集使用的预览, 学习提高专业敏捷能力的方法, 并了解敏捷审计实践如何成功地集成到传统的计划中, 实地考察, 审计项目的报告阶段.
资讯科技审核抽样指引(指引2208)
ISACA created the 信息技术 Audit Sampling guidelines (Guidelines 2208) as a companion to its 信息技术 Audit Framework (ITAF™). The purpose of these guidelines is to provide guidance to IT audit and assurance practitioners in designing and selecting an audit sample and evaluating sample results. 适当的抽样和评价有助于达到充分和适当证据的要求.
IT audit and assurance practitioners should consider these guidelines when reaching a conclusion about a total population when audit procedures are applied to less than 100 percent of that population.
Advance your expertise and add to your career potential or enterprise skillset with training developed and delivered by the experts in IT audit.
零信任审计计划
零信任是一种安全模型,它要求组织网络的所有用户都经过身份验证, 授权, 综述了, and validated periodically to ensure appropriate access privileges are granted and maintained and more importantly rights are deactivated when they are no longer needed to perform work duties.
查看IT审计出版物和资源
Gain additional insight and guidance on leveraging the 它的审计 framework to create and maintain the most effective techniques and understanding to manage 它的审计.