SlideShare a Scribd company logo

Security Audit- Physical and Information

PLN9 Security Services Pvt. Ltd.
PLN9 Security Services Pvt. Ltd.

This document summarizes information about performing a security audit. It discusses examining physical security by checking where systems are located and who can access them. It also recommends verifying that security guards are employed and have been properly vetted. The document outlines that audits can be external, internal, or self-conducted. The main objectives of an audit are to assess the adequacy of security measures, physical security risk management processes, and verification that roles and responsibilities for security are clearly defined.

1 of 9
Security Audit- Information –Physical © COPYRIGHT PLN9 SECURITY SERVICES PVT. LTD. ALL RIGHTS RESERVED PLN9, A Complete Security Solution In Association With Tyco
Introduction
1- Security audit is an audit on the level of information security in an organization. Within the broad scope of auditing information security there are multiple types of audits, multiple objectives for different audits, etc. Most commonly the controls being audited can be categorized to technical, physical and administrative. 2- Auditing information security covers topics from auditing the physical security of data centers to auditing the logical security of databases and highlights key components to look for and different methods for auditing these areas.
• 1-In examining physical security, the auditor should be concerned with where the system is physically located and which physical locations it can be accessed from. • 2- It may be necessary to check that security guards are employed to guard against intruders (and that they—and the company they work for— are trustworthy and reliable and have been subjected to a police check). How to Perform a Security Audit
Types Of Audits
1- External : These are conducted by a third party 2- Internal : Corporate : By headquarters or Personnel from other units of the same company. 3- Self : In –house – by the plant personnel themselves.
Audits Objectives
1- The main objective of the audit is to assess the adequacy and effectiveness of EC’s security measures and management controls, through four specific objectives focusing on high-risk areas. 2- To assess the adequacy of the physical security threat identification and risk management process, with a focus on activities performed at the facility level. 3- To determine whether roles and responsibilities of all parties involved in departmental physical security are clearly defined, performed by the appropriate party, and cover the span of security activity, as defined by the TB Policy on Government Security;
Thank you

Recommended

IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security AuditMufaddal Nullwala
 
Security Audit View
Security Audit ViewSecurity Audit View
Security Audit ViewPLN9 Security Services Pvt. Ltd.
 
Security audit
Security auditSecurity audit
Security auditRosaria Dee
 
The information security audit
The information security auditThe information security audit
The information security auditDhani Ahmad
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit ProcessRam Srivastava
 
CISA Review Course Slides - Part1
CISA Review Course Slides - Part1CISA Review Course Slides - Part1
CISA Review Course Slides - Part1Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
Security Audit Best-Practices
Security Audit Best-PracticesSecurity Audit Best-Practices
Security Audit Best-PracticesMarco Raposo
 

Recommended

IT System & Security Audit
IT System & Security AuditIT System & Security Audit
IT System & Security AuditMufaddal Nullwala
 
Security Audit View
Security Audit ViewSecurity Audit View
Security Audit ViewPLN9 Security Services Pvt. Ltd.
 
Security audit
Security auditSecurity audit
Security auditRosaria Dee
 
The information security audit
The information security auditThe information security audit
The information security auditDhani Ahmad
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit ProcessRam Srivastava
 
CISA Review Course Slides - Part1
CISA Review Course Slides - Part1CISA Review Course Slides - Part1
CISA Review Course Slides - Part1Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
Security Audit Best-Practices
Security Audit Best-PracticesSecurity Audit Best-Practices
Security Audit Best-PracticesMarco Raposo
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Lecture 2: The Concept of Enterprise Architecture
Lecture 2: The Concept of Enterprise ArchitectureLecture 2: The Concept of Enterprise Architecture
Lecture 2: The Concept of Enterprise ArchitectureSvyatoslav Kotusev
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Big Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewBig Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewFemi Ashaye
 
03.2 application control
03.2 application control03.2 application control
03.2 application controlMulyadi Yusuf
 
Cybersecurity Skills Audit
Cybersecurity Skills AuditCybersecurity Skills Audit
Cybersecurity Skills AuditVilius Benetis
 
Threat Modeling Everything
Threat Modeling EverythingThreat Modeling Everything
Threat Modeling EverythingAnne Oikarinen
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.AbutalebFahmi Albaheth
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Meaningfull security metrics
Meaningfull security metricsMeaningfull security metrics
Meaningfull security metricsVladimir Jirasek
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyEryk Budi Pratama
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditingDamilola Mosaku
 
Master IT balanced scorecard (final).pptx
Master IT balanced scorecard (final).pptxMaster IT balanced scorecard (final).pptx
Master IT balanced scorecard (final).pptxGlen Alleman
 
Architecture Series 5-5 Effective Enterprise Architecture Action Plan
Architecture Series 5-5 Effective Enterprise Architecture Action PlanArchitecture Series 5-5 Effective Enterprise Architecture Action Plan
Architecture Series 5-5 Effective Enterprise Architecture Action PlanFrankie Hsiang
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)Cyril Soeri
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat huntingVikas Jain
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
Safe audit
Safe auditSafe audit
Safe auditPLN9 Security Services Pvt. Ltd.
 
ISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochureISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochureThilak Pathirage -Senior IT Gov and Risk Consultant
 

More Related Content

What's hot

CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Lecture 2: The Concept of Enterprise Architecture
Lecture 2: The Concept of Enterprise ArchitectureLecture 2: The Concept of Enterprise Architecture
Lecture 2: The Concept of Enterprise ArchitectureSvyatoslav Kotusev
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Big Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewBig Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewFemi Ashaye
 
03.2 application control
03.2 application control03.2 application control
03.2 application controlMulyadi Yusuf
 
Cybersecurity Skills Audit
Cybersecurity Skills AuditCybersecurity Skills Audit
Cybersecurity Skills AuditVilius Benetis
 
Threat Modeling Everything
Threat Modeling EverythingThreat Modeling Everything
Threat Modeling EverythingAnne Oikarinen
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.AbutalebFahmi Albaheth
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Meaningfull security metrics
Meaningfull security metricsMeaningfull security metrics
Meaningfull security metricsVladimir Jirasek
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyEryk Budi Pratama
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditingDamilola Mosaku
 
Master IT balanced scorecard (final).pptx
Master IT balanced scorecard (final).pptxMaster IT balanced scorecard (final).pptx
Master IT balanced scorecard (final).pptxGlen Alleman
 
Architecture Series 5-5 Effective Enterprise Architecture Action Plan
Architecture Series 5-5 Effective Enterprise Architecture Action PlanArchitecture Series 5-5 Effective Enterprise Architecture Action Plan
Architecture Series 5-5 Effective Enterprise Architecture Action PlanFrankie Hsiang
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)Cyril Soeri
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat huntingVikas Jain
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 

What's hot (20)

CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security Concepts
 
Lecture 2: The Concept of Enterprise Architecture
Lecture 2: The Concept of Enterprise ArchitectureLecture 2: The Concept of Enterprise Architecture
Lecture 2: The Concept of Enterprise Architecture
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 
Information security management system
Information security management systemInformation security management system
Information security management system
 
Big Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewBig Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick Overview
 
03.2 application control
03.2 application control03.2 application control
03.2 application control
 
Cybersecurity Skills Audit
Cybersecurity Skills AuditCybersecurity Skills Audit
Cybersecurity Skills Audit
 
Threat Modeling Everything
Threat Modeling EverythingThreat Modeling Everything
Threat Modeling Everything
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.Abutaleb
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
 
Meaningfull security metrics
Meaningfull security metricsMeaningfull security metrics
Meaningfull security metrics
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
 
Master IT balanced scorecard (final).pptx
Master IT balanced scorecard (final).pptxMaster IT balanced scorecard (final).pptx
Master IT balanced scorecard (final).pptx
 
Architecture Series 5-5 Effective Enterprise Architecture Action Plan
Architecture Series 5-5 Effective Enterprise Architecture Action PlanArchitecture Series 5-5 Effective Enterprise Architecture Action Plan
Architecture Series 5-5 Effective Enterprise Architecture Action Plan
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)
 
Soc and siem and threat hunting
Soc and siem and threat huntingSoc and siem and threat hunting
Soc and siem and threat hunting
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 

Similar to Security Audit- Physical and Information

Cyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdf
Cyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdfCyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdf
Cyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdfCyber Security Experts
 
Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Chinatu Uzuegbu
 
11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docxmoggdede
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Controls in Audit.pptx
Controls in Audit.pptxControls in Audit.pptx
Controls in Audit.pptxHardikKundra
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & complianceVandana Verma
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security ManagementMark Conway
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionVivek Maurya
 
6 benefits of internal auditing
6 benefits of internal auditing6 benefits of internal auditing
6 benefits of internal auditingSALIH AHMED ISLAM
 
BLE 1213 MUST.pptx- basics principles of Physical Security
BLE 1213 MUST.pptx- basics principles of Physical SecurityBLE 1213 MUST.pptx- basics principles of Physical Security
BLE 1213 MUST.pptx- basics principles of Physical SecurityMajor K. Subramaniam Kmaravehlu
 
Module 3_Lesson 7.pptx
Module 3_Lesson 7.pptxModule 3_Lesson 7.pptx
Module 3_Lesson 7.pptxcejobelle
 
Security Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualSecurity Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualDayo Olujekun
 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...abhichowdary16
 
The Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentThe Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentBradley Susser
 
Compare and Contrast Security Controls and Framework Types
Compare and Contrast Security Controls and Framework TypesCompare and Contrast Security Controls and Framework Types
Compare and Contrast Security Controls and Framework TypesLearningwithRayYT
 

Similar to Security Audit- Physical and Information (20)

Safe audit
Safe auditSafe audit
Safe audit
 
ISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochureISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochure
 
Cyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdf
Cyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdfCyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdf
Cyber Audit | Cyber Crime | Network Security | Cyber Security Audit- 2023.pdf
 
Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2
 
11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx11What is Security 1.1 Introduction The central role of co.docx
11What is Security 1.1 Introduction The central role of co.docx
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Controls in Audit.pptx
Controls in Audit.pptxControls in Audit.pptx
Controls in Audit.pptx
 
Compliance
ComplianceCompliance
Compliance
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & compliance
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
 
Ise viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solutionIse viii-information and network security [10 is835]-solution
Ise viii-information and network security [10 is835]-solution
 
6 benefits of internal auditing
6 benefits of internal auditing6 benefits of internal auditing
6 benefits of internal auditing
 
BLE 1213 MUST.pptx- basics principles of Physical Security
BLE 1213 MUST.pptx- basics principles of Physical SecurityBLE 1213 MUST.pptx- basics principles of Physical Security
BLE 1213 MUST.pptx- basics principles of Physical Security
 
Module 3_Lesson 7.pptx
Module 3_Lesson 7.pptxModule 3_Lesson 7.pptx
Module 3_Lesson 7.pptx
 
Security Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualSecurity Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government Individual
 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
 
The Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentThe Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk Assessment
 
HIPAA omnibus rule update
HIPAA omnibus rule updateHIPAA omnibus rule update
HIPAA omnibus rule update
 
Compare and Contrast Security Controls and Framework Types
Compare and Contrast Security Controls and Framework TypesCompare and Contrast Security Controls and Framework Types
Compare and Contrast Security Controls and Framework Types
 

More from PLN9 Security Services Pvt. Ltd.

More from PLN9 Security Services Pvt. Ltd. (20)

Port security
Port securityPort security
Port security
 
Patrolling
PatrollingPatrolling
Patrolling
 
Types of Security Services
Types of Security ServicesTypes of Security Services
Types of Security Services
 
Smms corporate presentation ppt
Smms corporate presentation pptSmms corporate presentation ppt
Smms corporate presentation ppt
 
Corporate Presentation (solar plants)
Corporate Presentation (solar plants)Corporate Presentation (solar plants)
Corporate Presentation (solar plants)
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 
Negotiation Skill
Negotiation SkillNegotiation Skill
Negotiation Skill
 
Physical Security and Digital Security
Physical Security and Digital SecurityPhysical Security and Digital Security
Physical Security and Digital Security
 
Security Awareness
Security AwarenessSecurity Awareness
Security Awareness
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Motivational Skills
Motivational SkillsMotivational Skills
Motivational Skills
 
Types of Soft Skills
Types of Soft Skills Types of Soft Skills
Types of Soft Skills
 
Physical Security and Digital Security
Physical Security and Digital SecurityPhysical Security and Digital Security
Physical Security and Digital Security
 
How to Teach Soft Skills
How to Teach Soft SkillsHow to Teach Soft Skills
How to Teach Soft Skills
 
Campus Security
Campus SecurityCampus Security
Campus Security
 
Managing Conflicts @ Workplace
Managing Conflicts @ WorkplaceManaging Conflicts @ Workplace
Managing Conflicts @ Workplace
 
ATM Security Tips
ATM Security TipsATM Security Tips
ATM Security Tips
 
Powerful Presentation Skills
Powerful Presentation SkillsPowerful Presentation Skills
Powerful Presentation Skills
 
Personality Development
Personality DevelopmentPersonality Development
Personality Development
 
'Leadership & Executive Coaching'
'Leadership & Executive Coaching''Leadership & Executive Coaching'
'Leadership & Executive Coaching'
 

Security Audit- Physical and Information

  • 1. Security Audit- Information –Physical © COPYRIGHT PLN9 SECURITY SERVICES PVT. LTD. ALL RIGHTS RESERVED PLN9, A Complete Security Solution In Association With Tyco
  • 3. 1- Security audit is an audit on the level of information security in an organization. Within the broad scope of auditing information security there are multiple types of audits, multiple objectives for different audits, etc. Most commonly the controls being audited can be categorized to technical, physical and administrative. 2- Auditing information security covers topics from auditing the physical security of data centers to auditing the logical security of databases and highlights key components to look for and different methods for auditing these areas.
  • 4. • 1-In examining physical security, the auditor should be concerned with where the system is physically located and which physical locations it can be accessed from. • 2- It may be necessary to check that security guards are employed to guard against intruders (and that they—and the company they work for— are trustworthy and reliable and have been subjected to a police check). How to Perform a Security Audit
  • 6. 1- External : These are conducted by a third party 2- Internal : Corporate : By headquarters or Personnel from other units of the same company. 3- Self : In –house – by the plant personnel themselves.
  • 8. 1- The main objective of the audit is to assess the adequacy and effectiveness of EC’s security measures and management controls, through four specific objectives focusing on high-risk areas. 2- To assess the adequacy of the physical security threat identification and risk management process, with a focus on activities performed at the facility level. 3- To determine whether roles and responsibilities of all parties involved in departmental physical security are clearly defined, performed by the appropriate party, and cover the span of security activity, as defined by the TB Policy on Government Security;