Tag: IT Audit

Search
Password Security

Analysis of Strong VS Weak Passwords

Data breaches are a dime a dozen these days. But when hackers steal databases full of customer info, login names, and passwords, the passwords themselves aren’t usually sitting out in plain sight. Typically, the passwords will be cryptographically hashed. Hashing a password takes a string of any length (the password

Read More
Audit Blog

How to Provide Audit Evidence

So, you’ve been tasked with providing evidence for an audit. You may be wondering what your auditor is even looking for. Let’s take a look behind the scenes at why the auditor is asking for certain things, and how you can provide audit evidence to make your life (and your

Read More

COVID-19 and ISO 27001: What Coronavirus Means for Your Certification Audit

Many organizations have been impacted by office closures during the COVID-19 pandemic. Here’s how to maintain your ISO 27001 certification during the crisis. Many organizations are facing the challenge of maintaining their ISO 27001 certification schedule during the Coronavirus (COVID-19) pandemic. This includes scheduling (or rescheduling) on-site audits in a

Read More
CISA

Advice for Taking the CISA Exam (Updated)

Everything you need to know to pass with flying colors. As risk3sixty continues to grow, more members of our team will be taking the Certified Information Systems Auditors (CISA) exam to be the best security and compliance craftsmen for our clients. We have provided advice for taking the CISA exam

Read More

How to Create Effective Policies

How to leverage information security policies into leveling up your security program.   People often regard information security policy as a “check-the-box” compliance initiative. Many organizations will copy a policy template, make small revisions applicable to their context, and then forget about it.   But, an information security policy that

Read More

Craftsmanship in Music and Compliance

If you’ve been on stage for a speech or performing arts, you know stage fright is real. Businesses can get nervous when they hear the word “audit” in the same way musicians can get nervous before a performance. However, there is one great way to alleviate that fear: preparation. If

Read More
CISSP Advices for Studying and Passing

Advice for Studying and Passing the CISSP Exam

This past week I sat for the (ISC)2 CISSP exam and passed on my first attempt! With the entire preparation and test taking experience still fresh on my mind, I felt I should take time to document my experience and study approach similar to when I sat for the CISA

Read More

Advice for Taking the CISA Exam

This past December I took the ISACA CISA exam and I’m pleased to announce that last week, I got my confirmation letter stating that I passed in the top 10 percentile of fellow test takers! With the test passed and the experience still very fresh on my mind, I felt

Read More