Information Security Training
from the Henderson Group 		This page is:
AUDIT TRAINING: HG70: Cross-Platform

Quick Links:

HOME PAGE

CONTACT US

INFOSEC TRAINING

IT AUDIT TRAINING

NEWSLETTERS AND USER GROUPS

ARTICLES PRIVACY STATEMENT

ABOUT US

OTHER INFO SOURCES


HG70: How to Audit Cross-Platform Applications


(2 Days, 16 CPE Credits; $820)


  • Currently available for in-house sessions
This class shows you how to audit the protection of an application's data when the data is kept on a mainframe computer connected to other platforms (that is, other models of computer such as UNIX, WIndows, Novell, and others). You will learn how to identify all the platforms involved and the network connections between them. Even if you aren't familiar with all the platforms, you will learn a straight-forward, simple approach to collect and analyze information on the security of each platform, and on the security of the entire cross-platform architecture. You will then learn how to audit the protection over your application's data in the light of these findings.

You will learn:

  • How to determine what platforms are involved and how they are connected
  • How the underlying hardware and software work
  • Where the control points are and how to evaluate them
  • What data to collect and how to interpret it
  • How to conduct the audit, from planning and scoping through follow-up
  • What all the related buzzwords and acronyms mean
  • How to conduct the audit rapidly and efficiently, with maximum benefit to your organization
The workbook is a valuable reference and includes a complete audit program.

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels

Return to Top of Page

Return to Home Page


Who Should Attend HG70?

  • Information Techology auditors who will be auditing cross-platform applications
  • Financial auditors who want to learn more about IT auditing

Please note that you can save money by holding these classes in-house. Call Stu at (301) 229-7187 for details.

Note also the classes we offer for Information Security Training, as listed on the left under QUICK LINKS.

"A must for all information systems auditors."
--- Molly Eichhoefer, Florida DOT

"The Action Plans for Developing the Audit are an excellent tool and reference for use six months or a year from date of class."
---Bobbi Henry, IRS 

                      Table of Contents and Class Outline:
                HG70: How to Audit Cross-Platform Applications

I     Keywords and Concepts

   A.  Introduction
   B.  How Common Security Concepts are Reflected on Different Platforms
   C.  How Connecting Different Platforms Affects Security
   D.  What to Do If You Aren't Familiar with a Given Platform
   E.  Control Objectives
   F.  The Audit Program


II    Action Plan

   A.  Scoping, Planning, and Basic Data-Gathering
   B.  Evaluation of Each Platform's User Identification
   C.  Evaluation of Each Platform's Data Protection
   D.  Evaluation of Connection Security
   E.  Evaluation of the Protection for the Application's Data on All 
       Platforms
   F.  Wrap-up, Working Papers, Follow-up


III   Forms and Reference

   A.  Basic Security Model
   B.  Forms to Document Platforms and Links Between Them
   C.  Audit Plan
   D.  Model Documents
   E.  Security Details for Various Platforms
                UNIX Security Details
                Windows NT and Windows/2000 Security Details
                MVS with RACF Security Details
                MVS with ACF2 Security Details
                MVS with TopSecret Details
                CICS Security Details
                MQ Series Security Details
                DB2 Security Details
                TCP/IP Security Details

INDEX
Return to Top of Page

Return to Home Page