Assessing Approaches of IT Infrastructure Audit

Abstract

The paper presents a brief overview of information security components criteria. Further analysis of common schemas in financial and commerce sectors determining common items as IT security subjects. Lead and general security standards are analyzed for the approach of determining the scope for auditing IT infrastructure. Schemes typical for financial and commerce sectors are analyzed for identifying typical and individual IT subjects. A new approach for determining scope is purposed. Comparison of new and general approaches is shown on examples of basic schemas of companies. Testing of the approach described.