May 17, 2019

Cybersecurity Supporting Documentation

In previous posts I outlined the required topics for cybersecurity policies and procedures.  In this post I will cover the cybersecurity related supporting documents.

The table below lists items or topics, that should be address eit...

May 10, 2019

In a previous post I outlined the required topics for cybersecurity policies.  In this post I will cover the required procedures from various cybersecurity standards and in a future post will cover the cybersecurity related supporting documents.

The table below lists it...

January 15, 2019

As an IT auditor for local governments, one of the most often asked questions I get during audits is this: “Who should setup user access in the financial application?”  There is a debate concerning whether it should be IT or finance staff that creates accounts and is i...

August 1, 2018

Here is a few videos about how to catch people who are lying. This is useful if you are an investigator or auditor. Deception is a key for criminals and fraudsters. The need to get to the truth is important for any investigator or auditor. How can you determine if some...

July 20, 2018

Here is a sample high-level cybersecurity policy for a city, district, or county.  It is designed to be a high-level statement adopted by city council, supervisors, or board of directors and leave detailed policies and procedure at a lower level.  The reason is detaile...

July 18, 2018

According to the Verizon 2018 Data Breach Report, 93% of data breaches are linked to phishing or social engineering.  With stats like that, you would think cybersecurity awareness would be a top priority for organizations.  However, there have been some cybersecurity p...

April 13, 2018

A series of courses covering the Certified Information Systems Auditor (CISA) certification. This first episode will cover the basics of qualification and exam prep.

April 12, 2018

Microsoft Certified Trainer, John Hohn, discusses Microsoft new licensing models for Windows, Windows Server, and Office 365. 

February 26, 2018

Microsoft has released Compliance Manager for general availability this week.  The feature was made available in Public Preview in November 2017, (see MC125028).  According to Microsoft, “Compliance Manager is a cross-Microsoft-cloud services feature designed to help o...

November 22, 2017

From the way-back machine.  Almost two decades ago when I did IT services for clients I came up with this as an information sheet for clients.  Basically, giving them a high-level overview of a IT Ops framework.  I did this before Microsoft Operations Framework (MOF) o...

Please reload

Featured Posts

Does Security Awareness Work?

July 18, 2018

1/10
Please reload

Archive
Please reload

Follow Me
  • Facebook Basic Square
  • LinkedIn Social Icon
  • Twitter Basic Square
  • YouTube Social  Icon
  • SlideShare

© 2018 by Donald E. Hester. Proudly created with Wix.com     |    Sponsored by

  • Facebook Social Icon
  • LinkedIn Social Icon
  • Twitter Social Icon
  • YouTube Social  Icon
  • SlideShare