Towards Continuous Information Security Audit
نویسندگان
چکیده
Requirement engineering calls for continuous possibility to check whether latest changes of significant requirements are met by the target systems. This review is important because the environment of the system, if impacted by changes, may lead to new exposures. Current paper reports on knowledge gained during the attempt to move towards continuous security audit by extending one business process based security requirements identification method with the elements from audit area and the automated business process analysis method for identifying the points for the attention of audit.
منابع مشابه
Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis
Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in en...
متن کاملAuditing cloud storage for continuous storage security
Cloud storage permits users to remotely store their knowledge and revel in the on-demand top quality cloud applications while not the burden of native hardware and software package management. Though the advantages are clear, such a service is addition relinquishing users’ physical possession of their outsourced knowledge, which necessarily poses new security risks towards the correctness of th...
متن کاملApplication of a Collaborative Filtering Recommendation Algorithm Based on Cloud Model in Intrusion Detection
Intrusion detection is a computer network system that collects information on several key points. and it gets these information from the security audit, monitoring, attack recognition and response aspects, check if there are some the behavior and signs against the network security policy. The classification of data acquisition is a key part of intrusion detection. In this article, we use the da...
متن کاملProvide an optimal audit model to reduce fraudulent financial reporting
Fraud in financial reporting and accounting has grown significantly in recent years due to the financial crises created in companies, so that fraud has become a political and economic issue and today the legislature, the accounting profession and the causes The creation of fraud in it as well as the ways to deal with fraudulent behavior in financial statements have received special attention. T...
متن کاملA Top-Down Approach Towards Translating Organizational Security Policy Directives to System Audit Configuration
There is a significant gap between the stated objectives of organizational security found in corporate security policy and the audit configuration of event logs present on IT systems. Audit configuration has always been a bottom-up process. As a result, the design and implementation of audit configurations is often constrained by the audit management interface that often models operating system...
متن کامل