
1 Audit Controls
Tom Walsh, CISSP
President

2 Copyright © 2003, Tom Walsh Consulting, LLC
Certified Information Systems Security Professional (CISSP)
Co-authored a book on HIPAA Security
Invited speaker at national conferences
Former information security manager for large healthcare system in Kansas City, MO
DOE-certified safeguards and security instructor
A little nerdy, but overall, a nice guy :)

3 Why do we audit?
Investigations
  Troubleshooting
  Employee misconduct
  Forensic evidence
Random sampling to keep users in check
  Users are randomly selected for audit
  Audit data is provided to their managers
Compliance
  Because it is required in HIPAA

4 What do we audit?
Operating system
  Program/file modifications
  Directory or file access or failed attempts
  Password changes, strength, etc.
Application
  Order entry, changes, updates, deletions, etc.
  Access control lists to Data Owners
Network
  Internal (users logging on and off)
  External (vendors, workforce members, file transfers, etc.)

5 What do we do with audit logs?
Controlling access to logs
  Are they stored on a separate system?
  System administrators - Should they have access to audit logs?
Reviewing logs
  Network engineer?
  Information Security Officer?
  Clinical manager?
  Internal audit?
Storing logs (retention)
  Operating system
  Application
  Network

6 Other Issues...
Are warning banners displayed at logon to any system or network to notify users of auditing and monitoring activities?
Have Data Owners determined the events that will trigger an audit trail?
Have we checked with our vendors on audit capability and performance impact?
What tools are available for quickly reviewing audit data?
What are other organizations doing?

7 Determining Audit Controls
Management: “We need audit controls.”
IT: “Okay, what activities do you need to capture in an audit log?”
IT: “How long will you want to retain the audit logs?”
IT: “What performance impacts are you willing to accept?”
“… and so it goes…”

8 Participation
This panel discussion offers you the opportunity to share your thoughts on audit controls and to hear from our panel of experts.
Thank you for being here!

