From the course: Performing a Technical Security Audit and Assessment
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
Develop the assessment plan
From the course: Performing a Technical Security Audit and Assessment
Develop the assessment plan
- Capturing the Technical Security Assessment Plan in a written document is an important component to the testing process. Prior to conducting an assessment, the planned activities and any related information should be documented to provide structure and accountability for the entire project. The plan can also be used as the basis to communicate the objectives and actions of the assessment to anyone in the organization who will be impacted by the testing such as users, and system owners. Technical Security Assessment Plans typically include information about the type and objective of the assessment, which systems and networks are in scope, the time frame for the assessment, which security controls will be tested, which testing techniques will be used, how sensitive data will be handled, how risks to the organization systems will be factored into the assessment, and criteria for determining when the test is complete. I have included a template for a security assessment as a hand out in…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
Develop a security assessment policy1m 43s
-
Prioritize and schedule the assessments3m 21s
-
Select and customize techniques3m 31s
-
Select the assessors3m 1s
-
Select the location3m 15s
-
Select tools and resources3m 19s
-
Develop the assessment plan2m 34s
-
Challenge: Write a security assessment methodology2m 8s
-
Solution: Write a security assessment methodology1m
-
Legal considerations1m 22s
-
-
-
-