
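Standards for EDP audit examinations
Laws
- Personal Data Registrations Act (Wet persoonsregistraties, WPR)
- Personal Data Protection Act (Wet Bescherming Persoonsgegevens, WBP)
- Sensitive Data Decree (Besluit Gevoelige Gegevens, BGG)
- EC Directive on the protection of personal data (95/46/EC)
- Computer Crime Act (Wet computercriminaliteit, WCC)
Standards
- Code for information security (Code voor informatiebeveiliging; NNI, Delft)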
- COBIT: Control Objectives for Information and Related Technology (ISACA)
- Computer security checklist (Checklist computerbeveiliging; NGI Amsterdam)
- Orange, green & yellow book (Department of Defense, USA)
- ISO 9000-3 on development, supply and maintenance of software (NNI, Delft)
- ITIL: The CCTA IT infrastructure library (HMSO Books, London)
- ITSEC: Information technology security evaluation criteria / white book (European Union)
- ITSEM: Information technology evaluation manual (European Union)
- SAC: Systems Auditability and Control (Institute of Internal Auditors Research Foundation)
- COSO: Committee of Sponsoring Organisations of the Treadway Commission (AICPA)
- SAS: Consideration of the internal control structure in a financial statement audit (Institute of CPA's)
- Security of personal data registrations (security advisory of the Registratiekamer)
- Regulation on Information Security for the Civil Service (Voorschrift Informatiebeveiliging Rijksdienst)
Standards bodies
- ANSI (American National Standards Institute)
- CCITT (Comité Consultatif International Télégraphique et Téléphonique)
- ECMA (European Computer Manufacturers Association)
- ETSI (European Telecommunications Standards Institute)
- EWOS (European Workshop for Open Systems)
- IEC (International Electrotechnical Commission)
- IEEE (Institute of Electrical and Electronics Engineers)
- IFIP (International Federation for Information Processing) TC11
- ISO (International Organisation for Standardisation)
- NCSC (National Computer Security Center, USA)
- NIST (National Institute of Standards and Technology)
- OIW (Open Implementors Workshop) SEGSIC (Security Special Interest Group)