You are here:

Information Security

The Information Security Special Interest Group is a special interest group affiliated to the Institute.

The Group's members are generally computer auditors although any auditors with responsibilities for information security are welcome to join.

The Information Security Special Interest Group offers meetings, lectures, seminars and similar functions on all aspects of information security. The objective of the Group is to provide a forum for discussion and information sharing in relation to information security. The Group exists to support practitioners in the areas of computer audit and information security, and to promote the awareness and use of computer auditing and information security control techniques.



 

Event: Experiencing the Enigma

This latest ISSIG event was held on 5 March 2008 at the historic site of Bletchley Park in Milton Keynes, Buckinghamshire. To access the presentations from this event, please click on the attachements below:

Presentation title: Software Licensing and Software Asset Management
How does your organisation ensure compliance with licensing requirements?
Presented by: Andrew Shefford
Company: Ernst & Young

  Software Licensing and Software Asset Management


Presentation title: Windows Security Demystified
An auditors guide to evaluating Windows and Active Directory security controls. Where to look, what to ask and how to evaluate findings.
Presented by: Steve Rimmell
Company: Rimmell Associates Limited

  Windows security demystified


Presentation title: Auditing IT/IS Strategy
Getting the strategy correct is a key component of the IT governance process. What is audit's role in this?
Presented by: Dr. John Mitchell
Company: LHS Business Control

  Auditing IT / IS stratgey   


Presentation title: Data Protection and Encryption Security
This presentation replaced the originally scheduled presentation and explained how encryption supports the requirements of data protection with practical examples.
Presented by: Steve Rimmell
Company: Rimmell Associates Limited

  Data protection and encryption secuirty

 

Event: Information Securit Risks - are yourself!

This ISSIG event was held on 3 October 2007. To access the presentations from this event, please click on the attachements below:


Presentation title: Web Application Security Audits
Hack the web! How to identify risks and control them and see a live exploitation of a demonstration site.
Presented by: Lee Lawson
Company: DNS

  Web Application Security Audit


Presentation title: Active Security and Risk Management
Risk management means different things to different people - that's the biggest problem! Managing risk is omplex but can be a lot easier if you harness existing knowledge in a common framework and focus on the benefits.
Presented by: Stephen Hall
Company: InfoGov

  Active Security and Risk Management


Presentation title: Social Engineering
An increasing form of corporate risk, methods of access and how to combat them.
Presented by: Richard Hollis
Company: Orthus Ltd

  Social Engineering


Presentation title: Logical Access
Addressing the challenges in securing the organisation against exploitation of web services and service oriented architecture.
Presented by: Akin Akinyemi
Company: Erinaceous Group PLC

  Logical Access

 

For more information on the Information Security Special Interest Group or if you have any queries please email Stella Ollier by clicking here.