Checklists, though mundane, are a key component of many jobs. They help ensure that key issues aren't overlooked, and they serve as guideposts for anyone auditing the work. This book provides technology managers with a very good preparatory set of details and checklists for their e-commerce infrastructure. The book can also show a corporate auditor what to look for to ensure that appropriate controls are in place.
Throughout its 6 chapters and 225 pages, the book offers a detailed, progressive, and structured approach for performing such audits. The book addresses technology-related issues but doesn't require the auditor to be expert in them. Among topics discussed are physical security, authentication, and passwords; checklists ensure that these features are deployed or configured correctly.
For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a New York City-based senior security consultant with ThruPoint, Inc. He is a member of ASIS International.