Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Mobile Computing

All, 

You may have noticed the new publication regarding mobile computing security audit/assurance.  A little more background of this publication below: The main objectives and scope of the publication are as follows.

Please review and offer your thoughts for discussion. thank you.

Objective - The mobile computing security audit/assurance review will:

  • Provide management with an assessment of mobile computing security policies and procedures and their operating effectiveness.
  • Identify internal control and regulatory deficiencies that could affect the organization.
  • Identify information security control concerns that could affect the reliability, accuracy and security of enterprise data due to weaknesses in mobile computing controls.

Scope - The review will focus on:

  • Mobile devices connected to the enterprise network or containing enterprise data
  • Mobile devices in scope include:
    • Smartphones
    • Laptops, notebooks and netbooks
    • Portable digital assistants (PDAs)
    • Portable Universal Serial Bus (USB) devices for storage (such as thumb drives and MP3/4 devices) and for connectivity (such as Wi-Fi, Bluetooth® and HSDPA/UMTS/EDGE/GPRS modem cards)
    • Digital cameras
    • Radio frequency identification (RFID) and mobile RFID (M-RFID) devices for data storage, identification and asset management
    • Infrared-enabled (IrDA) devices such as printers and smart cards

 http://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/Mobile-Computing-Security-Audit-Assurance-Program.aspx

You must sign in to rate content.
(Unrated)

Comments

RE: Mobile Computing

Hi there,

I wasn't sure what kind of feed back you were seeking, I thought the documented provided a good start and stimulted thought for embarking on a Mobile Computing audit.

The paragraphs that follow emphase the point that it needs to be considered for changed before being adopted.

"IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional"

Cheers.
David SneddonLively at 11/2/2010 5:37:25 PM Quote
You must sign in to rate content.
(1 ratings)

RE: Mobile Computing

Hi there,

I wasn't sure what kind of feed back you were seeking, I thought the documented provided a good start and stimulted thought for embarking on a Mobile Computing audit.

The paragraphs that follow emphase the point that it needs to be considered for changed before being adopted.

"IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional"

Cheers.
David SneddonLively at 11/2/2010 5:37:25 PM Quote
You must sign in to rate content.
(1 ratings)

RE: Mobile Computing

Hi there,

I wasn't sure what kind of feed back you were seeking, I thought the documented provided a good start and stimulted thought for embarking on a Mobile Computing audit.

The paragraphs that follow emphase the point that it needs to be considered for changed before being adopted.

"IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional"

Cheers.
David SneddonLively at 11/2/2010 5:37:25 PM Quote
You must sign in to rate content.
(1 ratings)

Leave a Comment

* required

You must login to leave a comment.