A place for Information Systems Security auditors/enthusiasts to discuss interpretation, application and improvement of various standards/models vis-a-vis information security.
Topics covered include but are not limited to:
- ISO 17799/BS7799 Compliance
- IT governance and IT Investment Governance frameworks like COBIT and Val IT
- PCI DSS Credit card security standard compliance
- Risk Assessment Methodologies and Models (Octave, FMEA etc.)
- SSE-CMM, OWASP (Security in Software development)
- HIPAA, SoX, GLBA
- Contingency planning (BCP/DRP)
- RBI banking guidelines, IT Act India 2000
- CSIRT, CERT
- CMM, Six Sigma
- Business Process Re-Engineering and Project Management
- Penetration testing and Vulnerability assessment
- Exploitation Techniques (win32 / *nix / *bsd, solaris)
- Forensics, cyber crime, cyber frauds, identity theft
- Other auditing best practices/standards/regulations.
The sample checklists, ICQs, report templates, project plans, exploits, tools etc. shall soon be up for download and require handsome contributions from all the members here.
Learn, share and be enlightened!!
Best Wishes
Shashank Pandey
CISSP, CISA, SANS PCI COMPLIANCE, SANS CUTTING EDGE HACKING TECH., SANS DIGITAL FORENSICS certified
Moderator, Security Auditors E Group
reach_shash@yahoo.com