03-14-2001 10:27 PM - edited 03-08-2019 08:04 PM
What would someone need to do a complete security audit on a network from the inside and the outside? What kind of legal documents would I need and where can I find samples? Any good web sites?
Thanks for the reply.
Jacques
03-19-2001 02:20 PM
I actually looked into that and couldnt find too much information. Its worthwhile using a third party on this to have someone from the outside do the audit. What legalities concern you?
03-19-2001 03:03 PM
Hello Jacques, This sounds a lot like a system Certification and Accreditation that gov't organizations have to do on all of the sensitive systems.
There's a lot of "how to" type stuff at NIST:
Good luck!!! Tom
03-26-2001 08:14 PM
I've worked on several security audits (inside and outsite). I use what is called a "Get out of Jail" document that eliminates the liability that you might occure if in your audit you damage something. I also carry 1,000,000 insurance just in case. James Wilson jwilson@nmtg.com
05-10-2001 11:27 AM
Start with the Site Security Handbook... RFC-2196
http://www.cis.ohio-state.edu/Services/rfc/rfc-text/rfc2196.txt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide