Hello all - happy Thursday.
I've been looking for a generic audit framework that is flexible enough to support CIS (i.e. energy field sites) down to small businesses (i.e. medical, mom and pop stores, etc). Everything I've found (or know about) is either gargantuan and wonderful for a Fortune 500 company, or is a basic checklist that doesn't really provide value as it's meant for checkbox security.
Has anyone come across anything, know of any books or resources that I should dig into? I'm hesitant to build something from scratch if there's already something close to what I need, but figured the smart folks in here probably have some great suggestions for me.
Those both look like wonderful resources at first glance. I'll have a better read later, but you might have nailed it for me.
Thank you both!
@TroyCIS - Critical Infrastructure Systems, but your link looks very good as well. Thank you!
@TimGYea, I wouldn't use a cloud form. I leverage a secure file sharing service when absolutely necessary to transfer files, however, I try to avoid forms. There's an incredible amount of information missed out by not having conversations (in person or on the phone).
Cheers again everyone - really appreciate the info!
Well it's a manual process but here's how I would approach it, this is of course if you don't have software to do it.
1. Check all of the groups his admin account is a member of, it may give you a clue where he has access
2. Find a script that will query all of the servers and write the names of everyone in the local admins groups to a csv file and verify they are valid active accounts
3. Verify all of the accounts in the Enterprise Admins, Schema Admins, Domain Admins, and AD Admins groups are actual users (or service accounts)
Again, manual process, you're gonna have to do some detective work 🙂