[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Application/Software Documents

Posted on 2012-08-17
3
Medium Priority
?
426 Views
Last Modified: 2012-08-21
What kind of documentation do external auditors look for when they are coming to do an application audit?  

We have been informed they are looking for how the system is managed along with the security controls that have been put in place not only on the application itself but also on the servers that support it.  They have also mentioned that they will be reviewing supporting documentation but have not stated what.

I don't really want to ask them at the moment so what kind of documentation do you think an auditor would be looking for when they come to audit a system.
0
Comment
Question by:jdc1944
3 Comments
 
LVL 13

Accepted Solution

by:
Xaelian earned 2000 total points
ID: 38304758
Take a look at following PDF. Here is explained what the auditors will be looking for.

http://www.sans.org/reading_room/whitepapers/auditing/application-audit-process-guide-information-security-professionals_1534
0
 
LVL 7

Expert Comment

by:southpau1
ID: 38304863
What is the audit for?  FISMA? SOX? PCI? HIPAA?
0
 
LVL 2

Author Closing Comment

by:jdc1944
ID: 38315398
Many thanks for that, explains everything perfectly.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Rules and regulations were devised in order to maintain the integrity of a system. However, interpretation of rules can be quite tricky.
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question