Recently, I’ve been working on developing an easy way for smaller and medium sized clients manage their Vendors and perhaps more importantly track which Vendors present the most risk. One […]
The first thing I try to explain to new auditors (or clients going through an audit for the first time) is what techniques IT auditors use to audit.
Most people unfamiliar […]
Any consultant or auditor will tell you that the most difficult part of the job is getting the right information from clients. That is why designing an effective information request […]
This past December I took the ISACA CISA exam and I’m pleased to announce that last week, I got my confirmation letter stating that I passed in the top 10 […]
One of the most common questions I am asked by my less-than-tech-savvy friends and colleagues is “How do you keep your computer from getting viruses?”
In reality, there are a lot of things you […]
What is a Malicious File Execution Vulnerability?
Malicious file execution vulnerabilities (also called File Inclusion Vulnerabilities) is a vulnerability that occurs due to user input or uploads to websites not being […]