超级会员免费看
虚拟和云环境中的合规性构建指南
1. 潜在风险与审计应对
在虚拟和云环境中,存在多种可能影响系统正常运行和合规性的风险,如下表所示:
| NUMBER | PATH |
| ---- | ---- |
| 5c | Loss of power |
| 5d | Damage to or loss of ancillary equipment |
| 5e | Natural disasters |
| 5f | System overload |
| 5g | Staff unavailability |
| 5h | Loss of service provided by a third party |
| 6a | User error |
| 6b | Administrative mistakes |
| 7 | Unforeseen effects of change |
| 7a | New/upgraded processes |
| 7b | Changes to software |
| 7c | Changes to business information |
| 7d | Changes to computer/network |
| 7e | Organizational changes |
| 7f | Changes to user process |
当评估员或审计员来现场与 IT 组织会面时,通常会引发一系列活动。需要满足文档请求,并安排会议进行访谈,以向新的询问者证明一切正常,内部安全控制得到妥善
订阅专栏 解锁全文
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
