The lecture "Database Security - Chapter 7: Database auditing models" covers the following: gain an overview of auditing fundamentals, understand the database auditing environment, create a flowchart of the auditing process, and list the basic objectives of an audit. Please refer to it.
Text content: Lecture on Database Security: Chapter 7 - Trần Thị Kim Chi
- Database Security and Auditing: Protecting Data Integrity and Accessibility
Chapter 7: Database Auditing Models
- Objectives
• Gain an overview of auditing fundamentals
• Understand the database auditing environment
• Create a flowchart of the auditing process
• List the basic objectives of an audit
Database Security and Auditing 2
- Objectives (continued)
• Define the differences between auditing classifications and types
• List the benefits and side effects of an audit
• Create your own auditing models
- Auditing Overview
• An audit examines documentation that reflects the actions, practices and conduct of a business or of individuals
• An audit measures compliance with policies, procedures, processes and laws
- Definitions
• Audit/auditing: process of examining and validating documents, data, processes, procedures and systems
• Audit log: document that contains all activities that are being audited, ordered chronologically
• Audit objectives: set of business rules, system controls, government regulations, or security policies
- Definitions (continued)
• Auditor: person authorized to audit
• Audit procedure: set of instructions for the auditing process
• Audit report: document that contains the audit findings
• Audit trail: chronological record of document changes, data changes, system activities, or operational events
- Definitions (continued)
• Data audit: chronological record of data changes stored in a log file or a database table object
• Database auditing: chronological record of database activities
• Internal auditing: examination of activities conducted by staff members of the audited organization
• External auditing
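The "data audit" and "audit trail" definitions above describe a chronological record of data changes kept in a database table object. The following is an added example (not from the slides) that builds such a trail with SQLite triggers: a constructed `customers` table is audited into a `customer_audit` table that records who changed what, when, and the before/after values. The `session_ctx` table is a constructed convention for passing the acting user to the triggers, since SQLite has no built-in session user.

```python
import sqlite3
# Constructed schema (not from the slides): 'customers' is the audited table and
# 'customer_audit' is the data-audit trail kept as a database table object.
SCHEMA = """
CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, credit_limit INTEGER);
CREATE TABLE customer_audit (
    seq INTEGER PRIMARY KEY AUTOINCREMENT,   -- monotonic, keeps chronological order
    audited_at TEXT NOT NULL, actor TEXT NOT NULL, action TEXT NOT NULL,
    row_id INTEGER NOT NULL, old_limit INTEGER, new_limit INTEGER);
-- The application records the acting user here so the triggers can attribute
-- each change (constructed convention; a change with no actor fails NOT NULL).
CREATE TABLE session_ctx (k TEXT PRIMARY KEY, v TEXT);
CREATE TRIGGER audit_ins AFTER INSERT ON customers BEGIN
  INSERT INTO customer_audit (audited_at, actor, action, row_id, old_limit, new_limit)
  VALUES (strftime('%Y-%m-%dT%H:%M:%SZ', 'now'),
          (SELECT v FROM session_ctx WHERE k = 'user'), 'INSERT', NEW.id, NULL, NEW.credit_limit);
END;
CREATE TRIGGER audit_upd AFTER UPDATE OF credit_limit ON customers BEGIN
  INSERT INTO customer_audit (audited_at, actor, action, row_id, old_limit, new_limit)
  VALUES (strftime('%Y-%m-%dT%H:%M:%SZ', 'now'),
          (SELECT v FROM session_ctx WHERE k = 'user'), 'UPDATE', NEW.id, OLD.credit_limit, NEW.credit_limit);
END;
CREATE TRIGGER audit_del AFTER DELETE ON customers BEGIN
  INSERT INTO customer_audit (audited_at, actor, action, row_id, old_limit, new_limit)
  VALUES (strftime('%Y-%m-%dT%H:%M:%SZ', 'now'),
          (SELECT v FROM session_ctx WHERE k = 'user'), 'DELETE', OLD.id, OLD.credit_limit, NULL);
END;
"""

def open_audited_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def set_actor(conn, user):
    conn.execute("INSERT OR REPLACE INTO session_ctx (k, v) VALUES ('user', ?)", (user,))

def audit_trail(conn):
    # The chronological record of data changes: (actor, action, row_id, old, new)
    return conn.execute("SELECT actor, action, row_id, old_limit, new_limit "
                        "FROM customer_audit ORDER BY seq").fetchall()

def run_demo():
    conn = open_audited_db()
    set_actor(conn, "alice")
    conn.execute("INSERT INTO customers VALUES (1, 'Acme', 1000)")
    set_actor(conn, "bob")
    conn.execute("UPDATE customers SET credit_limit = 5000 WHERE id = 1")
    conn.execute("DELETE FROM customers WHERE id = 1")
    return audit_trail(conn)
```

Because the trail is written by triggers rather than by application code, every change path through the table is recorded, and the `seq` column gives the ordering an auditor needs even if two changes share a timestamp.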
- Auditing Activities
• Evaluate the effectiveness and adequacy of the audited entity
• Ascertain and review the reliability and integrity of the audited entity
• Ensure the organization complies with policies, procedures, regulations, laws, and standards of the government and the industry
• Establish plans, policies, and procedures for conducting audits
- Auditing Activities (continued)
• Keep abreast of all changes to the audited entity
• Keep abreast of updates and new audit regulations
• Provide all audit details to all company employees involved in the audit
• Publish audit guidelines and procedures
• Act as liaison between the company and the external audit team
- Auditing Activities (continued)
• Act as a consultant to architects, developers, and business analysts
• Organize and conduct internal audits
• Ensure all contractual items are met by the organization being audited
• Identify the audit types that will be used
- Auditing Activities (continued)
• Identify security issues that must be addressed
• Provide consultation to the Legal Department
- Auditing Environment
• Auditing examples:
  – Financial auditing
  – Security auditing
• An audit also measures compliance with government regulations and laws
• Audits take place in an environment:
  – Auditing environment
  – Database auditing environment
- Auditing Environment (continued)
• Components:
  – Objectives: an audit without a set of objectives is useless
  – Procedures: step-by-step instructions and tasks
  – People: auditor, employees, managers
  – Audited entities: people, documents, processes, systems
- Auditing Environment (continued): figure slides
- Auditing Environment (continued)
• The database auditing environment differs slightly from the generic auditing environment
• Security measures are inseparable from auditing
- Auditing Process
• Quality Assurance (QA):
  – Ensure the system is bug free and functioning according to its specifications
  – Ensure the product is not defective as it is being produced
• Auditing process: ensures that the system is working and complies with the policies, regulations and laws
- Auditing Process (continued)
• Performance monitoring: observes whether there is degradation in performance at various operation times
• Auditing process flow:
  – System development life cycle
  – Auditing process:
    • Understand the objectives
    • Review, verify, and validate the system
    • Document the results
- Auditing Process (continued): figure slides