May 27th, 2004, 07:50 PM
Do you guys have to deal with these? I have no idea what I am doing but I will be in charge of the Network Audits. we have an internal Audit and the FDIC.
any suggestions on where to get info or how these nomaly work?
14 We know that the law is spiritual; but I am unspiritual, sold as a slave to sin. 15 I do not understand what I do. For what I want to do I do not do, but what I hate I do. 16 And if I do what I do not want to do, I agree that the law is good. 17 As it is, it is no longer I myself who do it, but it is sin living in me. 18 I know that nothing good lives in me, that is, in my sinful nature. For I have the desire to do what is good, but I cannot carry it out.
May 27th, 2004, 08:45 PM
Check out my thread "Network Vulnerability Assessment".
May 27th, 2004, 09:07 PM
Try not to overlook....DOCUMENTATION!!
To any decent auditor, lack of operational documentation is a great reason to score
you and/or your department low.
Disaster recovery processes in particular.
We do a ton of work for the Defense Logistics Agency. Their audits are tough..
Properly prepared documentation seems to paint more smiles on the suits than
Although not often admitted, many in the infosec industry avoid correct documentation
operating under the guise that it de-values their expertise. I use it as a selling point.
I'll throw together a tutorial if enough show interest.
May 27th, 2004, 11:01 PM
INTEREST SHOWN. Do it.
May 28th, 2004, 02:12 AM
Jason1977 you keep asking about letting people use apps. like aim and online radio. I assume these are people at the bank you work at? As MsM has posted, look at your AUP and see if any of these apps. are allowed. As far as FDIC auditing is concerned, check out these pages for more info
As someone else stated, let us know which bank this is so I can look elswhere for my banking needs
Just kidding, the little money that I have is safe and sound in my freezer