Thursday, January 04, 2007

10 Steps to Creating Your Own IT Security Audit

A tool missing from many humanitarian security practitioners' toolbox is experience in handling information security. Usually this area is left to an organization's IT staff, which is often too busy handling day-to-day system administration duties or doesn't have much depth when it comes to security (this can especially be true in smaller field offices).

While information security does tend to have more technical elements than most aspects of NGO security (which can be a little intimidating to some people), the basics are grounded in common sense.

Here's a good article that lists 10 steps for performing your own IT security audit. It's fairly easy to read and and provides the fundamental questions to ask if you ever need to perform an IT-related security assessment. From doing computer security work for a number of years before becoming involved with the humanitarian community, I give the authors two thumbs up for covering most of the basics in a concise and easy to understand way.



Post a Comment

<< Home