A key responsibility for security professionals is representing organizations during audits, either internal or external. Since our
Question:
A key responsibility for security professionals is representing organizations during audits, either internal or external. Since our case study involves cybersecurity for a chemical facility, we'll be practicing this skill by responding to questions that might be generated by an inspector with the Department of Homeland Security (DHS). Consult the attached document to get your assigned audit question and post to the Wiki your question and answer so that we can share the learning experience.
Does PureLand use shared accounts for accessing computer systems? What are the risks associated with the use of shared accounts and how might you mitigate these risks?
If PureLand had a Cyber Security Incident take place (for example, an APT penetration), who would PureLand IT folks report the incident to internally and externally? How would they notify the Department of Homeland Security?
Accounting Information Systems The Crossroads of Accounting & IT
ISBN: 978-0132991322
2nd Edition
Authors: Donna Kay, Ali Ovlia