Home > Articles > How to Perform a Security Audit - Part 2

How to Perform a Security Audit - Part 2

Article Description

In her continuing look at what's involved in a security audit, Michelle Johnston explores the technical aspects that come into play – especially those related to e-business systems.

Like this article? We recommend

Designing Network Security

Designing Network Security


General Security Information

For anyone embarking on a security audit, a number of sources of information are available:

  • Web Security and Commerce (O'Reilly & Associates, 2001), by Simson Garfinkel and Gene Spafford, is a wealth of information about all general issues relating to security.

  • ASP, MTS, ADSI Web Security (Prentice Hall PTR, 1999), by Richard Harrison, is a good book for those involved in Microsoft Security audits.

A set of articles on various issues related to security is available at http://www.sans.org/infosecFAQ/securitybasics/basics_list.htm. General security questions are answered at http://www.w3.org/security/faq(although some of them are quite out-of-date, sadly).