Trust, but verify: Audit trail protection gap in IT Governance
Audit log data has been used for different purposes for years and is considered a foundational element within auditing and assurances processes. Ever increasing demands from legislation, regulation and business efficiencies are placing greater importance on the audit log data. Though requirements for the integrity protection of audit log data is stipulated thought many legislative, regulatory and best practice documents, most implemented controls fail to directly address the integrity of the audit log data. The resulting risk may equate to manipulated data being used to support established reporting mechanisms for compliance, business decisions, audits and forensics. This presentation will seek provide insights on current IT Governance weaknesses and trends that are forming a large crack within organizations GRC controls Nadeem has more than 12 years of exclusive experience within the Information Security Industry 8 of which were spent within the management consulting firms of Ernst and Young and Deloitte. Subsequently he has held a senior position within a software start-up company providing technology direction to penetrate the Information Security Industry and has also provided strategic risk management consultancy to global blue chip organisations including Research in Motion, Bank of Montreal and Fidelity Investments. He is a graduate in Information Technology Security from the University of Westminster, a CISSP and CISM.
- Presenting
- Nadeem Bukhari, Kinamik Data Integrity, VP of Product Strategy
- Channel
- Governance, Risk, and Compliance
- Date
- Nov 17 2009
- Duration
- 2309
- Tags
- IT Governance, Kinamik, Nadeem, Bukhari
Flash is required to view this webcast/channel:
You need version 9.0.115.0 or later of the free Flash player from Adobe
to use this content.
To download and install the free player from Adobe's web site
click here.
