Information Technology Reference
In-Depth Information
introduction of wearable devices which are used to communicate with office systems
via Bluetooth for example. All these devices introduce different risks when used to
connect to office networks.
The benefits of using workstations are that they provide us with the ability to capture
large volumes of data, access to data in remote locations through networks, and the
Internet. We can also use our workstations to process complex data either independ-
ently as a stand-alone workstation or through other bigger computers, such as main-
frames and supercomputers.
The IS auditor should understand the role of audit objectives and how they are deve-
loped. Audit objectives are normally determined by management or the department
concerned and may vary in content depending on business requirements. Below in
figure 4.1 are some generic audit objectives which can be considered when auditing
workstations:
#
Audit Objective
Environment
1
Security of the workstations (physical and logical)
Workstation
2
Availability of antivirus and antimalware software
Workstation
3
Access controls using user account and password
Workstation
4
Hardening of security on the workstation operating system
Workstation
5
Availability of supported version of operating system on workstations
Workstation
Secure connectivity to network devices such as servers, printers, and
Internet
6
Workstation
7
Security for wireless connections
Workstation
8
Determine approved application systems on workstation
Workstation
9
Availability of patches to update workstation OS software
Workstation
10 Protection of data on the workstation
Workstation
Figure 4.1 Workstation Audit Objectives
b) Operating Systems
Search WWH ::
Custom Search