| 翻訳と辞書 |
| Information technology security audit : ウィキペディア英語版 |
Information technology security audit
A computer security audit is a manual or systematic measurable technical assessment of a system or application. Manual assessments include interviewing staff, performing security vulnerability scans, reviewing application and operating system access controls, and analyzing physical access to the systems. Automated assessments, or CAAT's, include system generated audit reports or using software to monitor and report changes to files and settings on a system. Systems can include personal computers, servers, mainframes, network routers, switches. Applications can include Web Services, Microsoft Project Central, Oracle Database. (examples only).
== Audit Event Reporting ==
During the last few decades systematic audit record generation (also called audit event reporting) can only be described as ad hoc. Ironically, in the early days of mainframe and mini-computing with large scale, single-vendor, custom software systems from companies such as IBM and Hewlett Packard, auditing was considered a mission-critical function. Over the last thirty years, commercial off-the-shelf (COTS) software applications and components, and micro computers have gradually replaced custom software and hardware as more cost-effective business management solutions.…
During this transition, the critical nature of audit event reporting gradually transformed into low priority customer requirements. Software consumers, having little else to fall back on, have simply accepted the lesser standards as normal. The consumer licenses of existing COTS software disclaim all liability for security, performance and data integrity issues.
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Information technology security audit」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|