Mindgrove logo 

  Home
  About us
  Training
  Consultancy
  Resources
  Useful links
bullet point Tools and aids
  Clients
  Contact us




















Tools and aids

 

If you find a broken link, please help us and others by send us email to let us know which link is broken. We check links regularly, but many of the links on this page are to external web sites and we have no control over changes made to them.

 

STUDENT EXAM GUIDES

 

Exam Guide  (pdf download 1MB)

A guide produced by MindGrove staff for those sitting professional examinations

 

Managing Exam Stress

Good advice from University of Adelaide about managing exam stress

IT/IS Audit Process Models (Mind Maps) – for IT Audit examination questions or for IT/IS audit generally

 

IT/IS Audit Process Models (Mind Maps)

For IT Audit examination questions or for IT/IS audit generally

 



 

TECHNICAL GUIDES


The first two guides are intended for those who wish to get involved in the retrieval of data for evidence or testing purposes. They describe the use of MS Query in retrieving data from database sources. Retrieve them in the order they are presented.


Open Database Connectivity

Understanding ODBC and how to configure ODBC for simple query work using MS Query


ODBC and OLAP

Understanding how to create more complex queries and import results into Excel
This substantial paper is intended for those that wish to find out more about wireless, bluetooth, PDA and storage card security and control.


Mobile Device and Wireless Security (pdf download 866KB)

Learn more about the risks associated with these technologies and use our free 24 point checklist to help reduce your exposure to these risks.


Articles on Computer Security and Insecurity

By Bruce Schneier - author of "Secrets and Lies"

 



 

POCKET CHECKLISTS


These checklists, covering the critical risks associated with chosen topics, are intended as supplements to the work of audit, risk management and IT security professionals.


Routers - 10 Important Risks

This paper will extend your knowledge about router risks and controls – it will be most useful to auditors that specialise in technology.


Top 13 Project Risks

It turns out that thirteen is unlucky for projects too! Consult this list of frequently occurring risk issues to manage them before they manage you.


12 Top Contract Risks

This guide contains a lot of information about key contract risks.


Inventions and Ideas

Many organisations have to protect or patent their intellectual property – this guide helps focus on risks in this area

 

eCommerce Project Risk

Of course we are all going electronic, but eCommerce projects open up a new area of risks that need to be controlled in order to have a successful outcome.


Application Service Providers

We increasingly outsource our non-core business activities – but are we considering all of the risks?

 



 

AUDIT & SECURITY TOOLS & FORENSIC UTILITIES


AIDA32

Good and comprehensive inventory tool


The Centre for Internet Security (CIS)

Download (free) best practice benchmarks for operating systems, networks, applications and more.

 

Sam Spade

A free and useful network lookup tool that includes finding an IP address from a hostname, or vice-versa, traceroute, dig, email header analysis and more
 

Microsoft Security Tools

From Microsoft Security


Netcraft

Site that enables you to determine which hosting software is being run on that website

 

Top 125 Network Security Tools

Site that rates and describes the best network security tools - many are freeware

 
Password Recovery Resources

Tools to Recover Passwords


What's that process that's running in Windows?

Look-up processes that you see displayed in task manager and find out more about them

 

Which Windows System?

The Elder Geek - a huge searchable inventory of Windows knowledge

 

What's that UNIX process?

A useful repository of knowledge about common UNIX processes and programs

 

WinHex

One of the best low cost forensic utilities for disk analysis


Windows DumpSec

Free reporting tool DumpSec (formerly known as DumpAcl) to create customisable audit reports from Windows systems

 



 

PENETRATION TEST RESOURCES


Glossary
A comprehensive glossary of vulnerability testing terms from the Finnish University of OULU


Open Web Application Security Project
The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software - go here for free resources and advisories

 

Vulnerability Testing

Links to Qualys, GFI LanGuard and MetaSploit - all of which offer free trials of professional software for vulnerability testing

 




BUSINESS TOOLS AND RESOURCES


IS Modeler
Demonstration version of low cost Process Modelling Tool


Public Domain Spreadsheet Templates
Including IT Risk, Balanced Scorecard, general Risk Analysis

 



 

OFFICE


IT Security Policy Templates

A wide range of free ITSEC templates from SANS


Services guide to Windows XP


VoIP Internet Telephony

Free or low cost encrypted telephone calls, conference calls and real time chat around the world – SKYPE

 

Public Domain security software

A range of free security solutions for home users

 



 

PROJECT MANAGEMENT

 

Project Risk

A (customisable) template for evaluating project risk – created by MindGrove v5.0 2011 requires MS Word 2007 or later.

 



 

CONTROLLING MICROSOFT, CISCO and IBM ENVIRONMENTS


Microsoft Online

 

Microsoft Security Guidance - select link according to product or interest

 

Windows 2003 Server Security Guide - quicklink to Server 2003


Best practice: Windows Encrypting File System - quicklink to EFS

 

 

Cisco Online


Cisco searchable links - choose 'security' keyword under Option 1 to find guides and documentation

 

 

IBM Redbooks Online


Free and definitive books direct from IBM. Go to this portal to search, find and retrieve audit related materials on Database Security, AS/400 Security, RS/6000 Security, Linux Security, Lotus Security, i Series – pSeries – xSeries and zSeries, Security, S/390, Websphere, Tivoli Systems and more.

 

 

 


  Call us on +44 (0) 1925 730 200 Site map | Contact us  
© 2014 Mindgrove Ltd. All rights reserved