Friday, January 20, 2006

http://www.ouncelabs.com/audit/
IT AUDIT VETERAN OFFERS PEER-REVIEWED SOFTWARE SECURITY ASSURANCE FRAMEWORK
Take a look at the PDF release of Software Security Assurance - A Framework for Software Vulnerability Management and Audit. Mapped to relevant industry regulations and standards, including Sarbanes-Oxley, ISO 17799, COBIT, and COSO* controls, the Framework offers chief risk and compliance officers, audit teams, and security professionals guidance on effective software risk management controls.
Charles Le Grand, the primary author, is a previous director of the Institute of Internal Auditors Research Foundation, and served as IIA’s CIO and as an auditor for over 30 years. The peer-reviewed Framework offers detailed audit checklists and defines the software security roles for all levels of management and technical responsibility across the enterprise. While you do have to register at the site, the 69-page document is available free of charge. The discussion of risk is one that both professors and students will find beneficial.