Auditors and Evaluators
- By Dan Verton
- Mar 26, 2000
DISA released the CD-ROM "Information Assurance for Auditors and Evaluators,"
Version 1.04, in October 1998. Although a little out of date, the CD offers
an interactive, multimedia tour of the basics of information assurance and
computer crime. It also identifies for auditors what agencies and program
offices should be doing to ensure that their enterprisewide systems are
Users can click through the course at their own pace, starting with
the fundamentals of computer crime and abuse to the basics of threats and
vulnerabilities, available countermeasures, and how to determine risk and
conduct risk assessments. Real-world cases are provided as examples to emphasize
that the threats to systems are real. A quiz at the end of the course allows
managers to monitor employee performance.
Back to the main story: DOD uses video, CD-ROMs to teach security