SlideShare a Scribd company logo

Rothke Patchlink

Download as PPT, PDF
Ben Rothke
Ben Rothke

The document provides an overview of information security audits from an expert's perspective. It discusses how to prepare for an audit, what to expect during each phase, how to communicate with auditors, and tips for passing the audit, including having proper documentation, controls, policies, and management support. The goal is for the audit to be a learning experience and opportunity to improve the security program rather than a failure.

1 of 41
Anatomy of an Information Security Audit and How To Pass It Ben Rothke, CISSP CISM Senior Security Consultant INS
About Me ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Definition - Audit ,[object Object],[object Object],[object Object],[object Object]
Things to think about the audit process ,[object Object],[object Object]
Audit and regulations ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security and compliance are not rocket science ,[object Object],[object Object]
Frameworks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security vs. compliance ,[object Object],[object Object],[object Object],[object Object]
Management ,[object Object],[object Object],[object Object]
Don’t lie for management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Spaf’s Law ,[object Object],[object Object]
No surprises ,[object Object],[object Object]
One minute pre-audit ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Getting serious about security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Audit
Understanding the audit process - preparation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Understanding the audit process - preparation ,[object Object],[object Object],[object Object],[object Object]
Phases of an audit ,[object Object],[object Object],[object Object],[object Object]
Know what to expect ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Communicating with the auditors ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Communicating with the auditors ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Communicating with the auditors ,[object Object],[object Object],[object Object],[object Object]
Things that makes auditors nervous ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Know what to expect - Policies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Know what to expect – Controls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Control Objective / Practice Lists Control Objective General Control Practice Logical security tools and techniques are implemented, configured, and administered to enable restriction of access to data and programs. Network Firewalls restrict traffic into the internal network from all external sources to application that require strong authentication. Control Objective Application Control Practice Logical security tools and techniques are implemented, configured, and administered to enable restriction of access to data and programs. ,[object Object],[object Object],[object Object],Strong authentication is provided via Single-Sign-On.
Control Practice Description
Controls testing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Audit defense ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Program Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Program Management ,[object Object],[object Object],[object Object],[object Object]
Documentation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Documentation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Documentation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Staffing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The audit report ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The audit report ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Project plans for improvements ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusion ,[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Question and Answers

Recommended

The information security audit
The information security auditThe information security audit
The information security audit
Dhani Ahmad
 
Security Audit Information – Physical
Security Audit Information – PhysicalSecurity Audit Information – Physical
Security Audit Information – PhysicalPLN9 Security Services Pvt. Ltd.
 
Security Audit View
Security Audit ViewSecurity Audit View
Security Audit ViewPLN9 Security Services Pvt. Ltd.
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit ProcessRam Srivastava
 
Security Audit Best-Practices
Security Audit Best-PracticesSecurity Audit Best-Practices
Security Audit Best-Practices
Marco Raposo
 
5.4 it security audit (mauritius)
5.4 it security audit (mauritius)5.4 it security audit (mauritius)
5.4 it security audit (mauritius)Corporate Registers Forum
 
Security audit
Security auditSecurity audit
Security audit
Rosaria Dee
 
Risk management ii
Risk management iiRisk management ii
Risk management ii
Dhani Ahmad
 

Recommended

The information security audit
The information security auditThe information security audit
The information security audit
Dhani Ahmad
 
Security Audit Information – Physical
Security Audit Information – PhysicalSecurity Audit Information – Physical
Security Audit Information – PhysicalPLN9 Security Services Pvt. Ltd.
 
Security Audit View
Security Audit ViewSecurity Audit View
Security Audit ViewPLN9 Security Services Pvt. Ltd.
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit ProcessRam Srivastava
 
Security Audit Best-Practices
Security Audit Best-PracticesSecurity Audit Best-Practices
Security Audit Best-Practices
Marco Raposo
 
5.4 it security audit (mauritius)
5.4 it security audit (mauritius)5.4 it security audit (mauritius)
5.4 it security audit (mauritius)Corporate Registers Forum
 
Security audit
Security auditSecurity audit
Security audit
Rosaria Dee
 
Risk management ii
Risk management iiRisk management ii
Risk management ii
Dhani Ahmad
 
IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security Audit
Mufaddal Nullwala
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security application
Rihab Chebbah
 
Security and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made EasySecurity and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made Easy
HelpSystems
 
Security policy
Security policySecurity policy
Security policy
Dhani Ahmad
 
Chapter008
Chapter008Chapter008
Chapter008Jeanie Delos Arcos
 
Chapter005
Chapter005Chapter005
Chapter005
Jeanie Delos Arcos
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPs
Jayesh Daga
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
Damilola Mosaku
 
Compliance
ComplianceCompliance
CompliancePriyank Hada
 
It Audit Expectations High Detail
It Audit Expectations High DetailIt Audit Expectations High Detail
It Audit Expectations High Detail
ecarrow
 
IT Audit For Non-IT Auditors
IT Audit For Non-IT AuditorsIT Audit For Non-IT Auditors
IT Audit For Non-IT Auditors
Ed Tobias
 
Scope of work IT DD
Scope of work IT DDScope of work IT DD
Scope of work IT DD
Ivan Piskunov
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
Cicero Ray Rufino
 
HIPAA security risk assessments
HIPAA security risk assessmentsHIPAA security risk assessments
HIPAA security risk assessments
Jose Ivan Delgado, Ph.D.
 
Developing ics cyber security improvement plan(5)
Developing ics cyber security improvement plan(5)Developing ics cyber security improvement plan(5)
Developing ics cyber security improvement plan(5)
Nicole Valerio
 
Information security as an ongoing effort
Information security as an ongoing effortInformation security as an ongoing effort
Information security as an ongoing effort
Dhani Ahmad
 
Information Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management FrameworkInformation Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management Framework
William McBorrough
 
Auditing information System
Auditing information SystemAuditing information System
Auditing information System
Dr. Rosemarie Sibbaluca-Guirre
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
kinjalmkothari92
 
The Fundamentals of HIPAA Privacy & Security Risk Management
The Fundamentals of HIPAA Privacy & Security Risk ManagementThe Fundamentals of HIPAA Privacy & Security Risk Management
The Fundamentals of HIPAA Privacy & Security Risk Management
KeySys Health
 
How to bust ghost verbs.
How to bust ghost verbs.How to bust ghost verbs.
How to bust ghost verbs.
AROSA Consultancy and Training P/L
 
The Rise of the Top 20 Ghost Verbs
The Rise of the Top 20 Ghost VerbsThe Rise of the Top 20 Ghost Verbs
The Rise of the Top 20 Ghost Verbs
AROSA Consultancy and Training P/L
 

More Related Content

What's hot

IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security Audit
Mufaddal Nullwala
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security application
Rihab Chebbah
 
Security and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made EasySecurity and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made Easy
HelpSystems
 
Security policy
Security policySecurity policy
Security policy
Dhani Ahmad
 
Chapter005
Chapter005Chapter005
Chapter005
Jeanie Delos Arcos
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPs
Jayesh Daga
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
Damilola Mosaku
 
It Audit Expectations High Detail
It Audit Expectations High DetailIt Audit Expectations High Detail
It Audit Expectations High Detail
ecarrow
 
IT Audit For Non-IT Auditors
IT Audit For Non-IT AuditorsIT Audit For Non-IT Auditors
IT Audit For Non-IT Auditors
Ed Tobias
 
Scope of work IT DD
Scope of work IT DDScope of work IT DD
Scope of work IT DD
Ivan Piskunov
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
Cicero Ray Rufino
 
HIPAA security risk assessments
HIPAA security risk assessmentsHIPAA security risk assessments
HIPAA security risk assessments
Jose Ivan Delgado, Ph.D.
 
Developing ics cyber security improvement plan(5)
Developing ics cyber security improvement plan(5)Developing ics cyber security improvement plan(5)
Developing ics cyber security improvement plan(5)
Nicole Valerio
 
Information security as an ongoing effort
Information security as an ongoing effortInformation security as an ongoing effort
Information security as an ongoing effort
Dhani Ahmad
 
Information Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management FrameworkInformation Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management Framework
William McBorrough
 
Auditing information System
Auditing information SystemAuditing information System
Auditing information System
Dr. Rosemarie Sibbaluca-Guirre
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
kinjalmkothari92
 
The Fundamentals of HIPAA Privacy & Security Risk Management
The Fundamentals of HIPAA Privacy & Security Risk ManagementThe Fundamentals of HIPAA Privacy & Security Risk Management
The Fundamentals of HIPAA Privacy & Security Risk Management
KeySys Health
 

What's hot (20)

IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security Audit
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security application
 
Security and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made EasySecurity and Audit Report Sign-Off—Made Easy
Security and Audit Report Sign-Off—Made Easy
 
Security policy
Security policySecurity policy
Security policy
 
Chapter008
Chapter008Chapter008
Chapter008
 
Chapter005
Chapter005Chapter005
Chapter005
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPs
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
 
Compliance
ComplianceCompliance
Compliance
 
It Audit Expectations High Detail
It Audit Expectations High DetailIt Audit Expectations High Detail
It Audit Expectations High Detail
 
IT Audit For Non-IT Auditors
IT Audit For Non-IT AuditorsIT Audit For Non-IT Auditors
IT Audit For Non-IT Auditors
 
Scope of work IT DD
Scope of work IT DDScope of work IT DD
Scope of work IT DD
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
 
HIPAA security risk assessments
HIPAA security risk assessmentsHIPAA security risk assessments
HIPAA security risk assessments
 
Developing ics cyber security improvement plan(5)
Developing ics cyber security improvement plan(5)Developing ics cyber security improvement plan(5)
Developing ics cyber security improvement plan(5)
 
Information security as an ongoing effort
Information security as an ongoing effortInformation security as an ongoing effort
Information security as an ongoing effort
 
Information Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management FrameworkInformation Security Continuous Monitoring within a Risk Management Framework
Information Security Continuous Monitoring within a Risk Management Framework
 
Auditing information System
Auditing information SystemAuditing information System
Auditing information System
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
 
The Fundamentals of HIPAA Privacy & Security Risk Management
The Fundamentals of HIPAA Privacy & Security Risk ManagementThe Fundamentals of HIPAA Privacy & Security Risk Management
The Fundamentals of HIPAA Privacy & Security Risk Management
 

Viewers also liked

How to bust ghost verbs.
How to bust ghost verbs.How to bust ghost verbs.
How to bust ghost verbs.
AROSA Consultancy and Training P/L
 
The Rise of the Top 20 Ghost Verbs
The Rise of the Top 20 Ghost VerbsThe Rise of the Top 20 Ghost Verbs
The Rise of the Top 20 Ghost Verbs
AROSA Consultancy and Training P/L
 
Irish Midlands Airport 2011
Irish Midlands Airport 2011Irish Midlands Airport 2011
Irish Midlands Airport 2011
P_Little
 
Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011Scott Althouse
 
Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011Scott Althouse
 
IBM Rational 8/16 Webinar Presentation
IBM Rational 8/16 Webinar PresentationIBM Rational 8/16 Webinar Presentation
IBM Rational 8/16 Webinar Presentation
Scott Althouse
 
Why should internal reporting be as efficiently written as external reporting?
Why should internal reporting be as efficiently written as external reporting?Why should internal reporting be as efficiently written as external reporting?
Why should internal reporting be as efficiently written as external reporting?
AROSA Consultancy and Training P/L
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
Pierluigi Falcone, CISSP, CISM, CCSK, SABSA Foundation
 
Metodology Risk Assessment ISMS
Metodology Risk Assessment ISMSMetodology Risk Assessment ISMS
Metodology Risk Assessment ISMS
blodotaji
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Servicestschraider
 
Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice?
Patten John
 
CIS Audit Lecture # 1
CIS Audit Lecture # 1CIS Audit Lecture # 1
CIS Audit Lecture # 1Cheng Olayvar
 
Iso27001 Approach
Iso27001 ApproachIso27001 Approach
Iso27001 Approachtschraider
 
IS Audit and Internal Controls
IS Audit and Internal ControlsIS Audit and Internal Controls
IS Audit and Internal Controls
Bharath Rao
 
Social Engineering Audit & Security Awareness
Social Engineering Audit & Security AwarenessSocial Engineering Audit & Security Awareness
Social Engineering Audit & Security Awareness
CBIZ, Inc.
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
Ben Rothke
 
ISCA-CA Final
ISCA-CA FinalISCA-CA Final
ISCA-CA Final
Takshila Learning Pvt. Ltd.
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1
Yasir Khan
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructure
pramod_kmr73
 

Viewers also liked (20)

How to bust ghost verbs.
How to bust ghost verbs.How to bust ghost verbs.
How to bust ghost verbs.
 
The Rise of the Top 20 Ghost Verbs
The Rise of the Top 20 Ghost VerbsThe Rise of the Top 20 Ghost Verbs
The Rise of the Top 20 Ghost Verbs
 
Irish Midlands Airport 2011
Irish Midlands Airport 2011Irish Midlands Airport 2011
Irish Midlands Airport 2011
 
Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011
 
Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011Passing internal and external audits with reporting and dashboards nov 2011
Passing internal and external audits with reporting and dashboards nov 2011
 
IBM Rational 8/16 Webinar Presentation
IBM Rational 8/16 Webinar PresentationIBM Rational 8/16 Webinar Presentation
IBM Rational 8/16 Webinar Presentation
 
Why should internal reporting be as efficiently written as external reporting?
Why should internal reporting be as efficiently written as external reporting?Why should internal reporting be as efficiently written as external reporting?
Why should internal reporting be as efficiently written as external reporting?
 
CISSPills #3.02
CISSPills #3.02CISSPills #3.02
CISSPills #3.02
 
AIS Lecture 1
AIS Lecture 1AIS Lecture 1
AIS Lecture 1
 
Metodology Risk Assessment ISMS
Metodology Risk Assessment ISMSMetodology Risk Assessment ISMS
Metodology Risk Assessment ISMS
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Services
 
Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice?
 
CIS Audit Lecture # 1
CIS Audit Lecture # 1CIS Audit Lecture # 1
CIS Audit Lecture # 1
 
Iso27001 Approach
Iso27001 ApproachIso27001 Approach
Iso27001 Approach
 
IS Audit and Internal Controls
IS Audit and Internal ControlsIS Audit and Internal Controls
IS Audit and Internal Controls
 
Social Engineering Audit & Security Awareness
Social Engineering Audit & Security AwarenessSocial Engineering Audit & Security Awareness
Social Engineering Audit & Security Awareness
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
 
ISCA-CA Final
ISCA-CA FinalISCA-CA Final
ISCA-CA Final
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1
 
Audit of it infrastructure
Audit of it infrastructureAudit of it infrastructure
Audit of it infrastructure
 

Similar to Rothke Patchlink

Security policy.pdf
Security policy.pdfSecurity policy.pdf
Security policy.pdf
Md. Sajjat Hossain
 
Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital AgeManaging Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
Perficient, Inc.
 
For our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdfFor our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdf
alokkesh
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
amiable_indian
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
Priyanka Aash
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
Emerson Exchange
 
Audit and Compliance BDR Knowledge Training
Audit and Compliance BDR Knowledge TrainingAudit and Compliance BDR Knowledge Training
Audit and Compliance BDR Knowledge TrainingTory Quinton
 
7 steps to build an effective corporate compliance strategy
7 steps to build an effective corporate compliance strategy7 steps to build an effective corporate compliance strategy
7 steps to build an effective corporate compliance strategy
Maarten BOONEN
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing business
Joel Cardella
 
2009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-20092009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-2009
asundaram1
 
CHAPTER 5 Security Policies, Standards, Procedures, a
CHAPTER 5 Security Policies, Standards, Procedures, aCHAPTER 5 Security Policies, Standards, Procedures, a
CHAPTER 5 Security Policies, Standards, Procedures, a
MaximaSheffield592
 
Tips For Being Compliance Ready
Tips For Being Compliance ReadyTips For Being Compliance Ready
Tips For Being Compliance Ready
Peak 10
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
Anne Starr
 
Privacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al RaymondPrivacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al Raymond
spencerharry
 
The Basics of Security and Risk Analysis
The Basics of Security and Risk AnalysisThe Basics of Security and Risk Analysis
The Basics of Security and Risk Analysislearfield
 
2009 04 21 Ntihi Faculty Course 110
2009 04 21 Ntihi Faculty Course 1102009 04 21 Ntihi Faculty Course 110
2009 04 21 Ntihi Faculty Course 110
tmdonoesq
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
Mark Conway
 
How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach
Abhishek Sood
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloJohn Intindolo
 

Similar to Rothke Patchlink (20)

Security policy.pdf
Security policy.pdfSecurity policy.pdf
Security policy.pdf
 
Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital AgeManaging Privacy Risk and Promoting Ethical Culture in the Digital Age
Managing Privacy Risk and Promoting Ethical Culture in the Digital Age
 
Testing
TestingTesting
Testing
 
For our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdfFor our discussion question, we focus on recent trends in security t.pdf
For our discussion question, we focus on recent trends in security t.pdf
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without ItDeltaV Security - Don’t Let Your Business Be Caught Without It
DeltaV Security - Don’t Let Your Business Be Caught Without It
 
Audit and Compliance BDR Knowledge Training
Audit and Compliance BDR Knowledge TrainingAudit and Compliance BDR Knowledge Training
Audit and Compliance BDR Knowledge Training
 
7 steps to build an effective corporate compliance strategy
7 steps to build an effective corporate compliance strategy7 steps to build an effective corporate compliance strategy
7 steps to build an effective corporate compliance strategy
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing business
 
2009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-20092009 iapp-the corpprivacydeptmar13-2009
2009 iapp-the corpprivacydeptmar13-2009
 
CHAPTER 5 Security Policies, Standards, Procedures, a
CHAPTER 5 Security Policies, Standards, Procedures, aCHAPTER 5 Security Policies, Standards, Procedures, a
CHAPTER 5 Security Policies, Standards, Procedures, a
 
Tips For Being Compliance Ready
Tips For Being Compliance ReadyTips For Being Compliance Ready
Tips For Being Compliance Ready
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
 
Privacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al RaymondPrivacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al Raymond
 
The Basics of Security and Risk Analysis
The Basics of Security and Risk AnalysisThe Basics of Security and Risk Analysis
The Basics of Security and Risk Analysis
 
2009 04 21 Ntihi Faculty Course 110
2009 04 21 Ntihi Faculty Course 1102009 04 21 Ntihi Faculty Course 110
2009 04 21 Ntihi Faculty Course 110
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
 
How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_Intindolo
 

More from Ben Rothke

Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
Ben Rothke
 
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Ben Rothke
 
Rothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizationsRothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizations
Ben Rothke
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryption
Ben Rothke
 
E5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionE5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
Ben Rothke
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systems
Ben Rothke
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
Ben Rothke
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
Ben Rothke
 
Lessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity comLessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity com
Ben Rothke
 
Lessons from ligatt
Lessons from ligattLessons from ligatt
Lessons from ligatt
Ben Rothke
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
Ben Rothke
 
Infosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. HooperInfosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. Hooper
Ben Rothke
 
Rothke effective data destruction practices
Rothke effective data destruction practicesRothke effective data destruction practices
Rothke effective data destruction practicesBen Rothke
 
Rothke computer forensics show 2010
Rothke computer forensics show 2010Rothke computer forensics show 2010
Rothke computer forensics show 2010
Ben Rothke
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - Rothke
Ben Rothke
 
Webinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS ComplianceWebinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS Compliance
Ben Rothke
 
La nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswiftLa nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswift
Ben Rothke
 
The Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White PaperThe Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White Paper
Ben Rothke
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
Ben Rothke
 
Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security
Ben Rothke
 

More from Ben Rothke (20)

Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
 
Rothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizationsRothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizations
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryption
 
E5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionE5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systems
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
 
Lessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity comLessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity com
 
Lessons from ligatt
Lessons from ligattLessons from ligatt
Lessons from ligatt
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
 
Infosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. HooperInfosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. Hooper
 
Rothke effective data destruction practices
Rothke effective data destruction practicesRothke effective data destruction practices
Rothke effective data destruction practices
 
Rothke computer forensics show 2010
Rothke computer forensics show 2010Rothke computer forensics show 2010
Rothke computer forensics show 2010
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - Rothke
 
Webinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS ComplianceWebinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS Compliance
 
La nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswiftLa nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswift
 
The Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White PaperThe Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White Paper
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security
 

Recently uploaded

UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
UiPathCommunity
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

Rothke Patchlink

  • 1. Anatomy of an Information Security Audit and How To Pass It Ben Rothke, CISSP CISM Senior Security Consultant INS
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.