A conceptual framework of information security database audit and assessment

Abstract

Today, databases are on of the most important things in the IT world and it is also becoming more and more popular and organizations globally are gradually moving their traditional IT setup to database model to gain the benefits of securing the data and in terms of providing easy access to, and elasticity of IT services. With database security, the IT service roles within an organization become integrated hence giving the overall IT operating model a more structured layout. Such objectivity however can only be materialized when proper planning and execution are put in place. As such, a proper execution and implementation of database system would include a stringent set of checks and audit processes. The goal of database auditing is central towards determining if the services engaged and its―maintainers are meeting certain legal requirements in terms of protecting customers data and organization standards to achieve secure data assets success against various security threats. Therefore, this project explores the factors influencing security audit quality by collecting data using structured group discussion.