Microsoft Exchange Server 2010 Audit/Assurance Program

14m
ISACA
ISACA
2011

IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance professional has the necessary subject matter expertise required to conduct the work and is supervised by a professional with the Certified Information Systems Auditor (CISA) designation and/or necessary subject matter expertise to adequately review the work performed.

Exchange Server 2010 is comprised of a series of cooperating processes that communicate with one another on local and remote computers, as well as with domain controllers, and a number of different clients. Internet Information Server (IIS) is integral to Exchange Server's functionality. This series of complex relationships means that locking down and auditing Exchange Server 2010 requires consideration of several different components.

Security and control of Exchange Server 2010 depend on the larger control structure in place in the enterprise. The audit of Exchange Server 2010 needs to take account of this integration with other parts of the Corporate IT architecture. This means, that in addition to technical aspects of Exchange Server 2010, the audit/assurance professional must focus on the governance, policies and monitoring/oversight functions associated with its deployment and management.

The audit/assurance professional should be familiar with Exchange Server 2010's primary management tools and is cautioned not to attempt to conduct an audit/assurance review of Exchange Server 2010 utilising this program as a checklist.

In this Book

Microsoft Exchange Server 2010 Audit/Assurance Program
Introduction
Using This Document
Assurance and Control Framework
Executive Summary of Audit/Assurance Focus
Audit/Assurance Program
Maturity Assessment
Maturity Assessment vs. Target Assessment
Exchange Server 2010—Server Roles
Exchange Server 2010 Transport Pipeline—Schematic
Specimen Exchange Server Management Role Hierarchy

FREE ACCESS

Book IT Security Controls: A Guide to Corporate Standards and Frameworks, 1st Edition

Course Microsoft Security: Compliance Concepts & Methodologies

Book Practical Database Auditing for Microsoft SQL Server and Azure SQL: Troubleshooting, Regulatory Compliance, and Governance

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

Microsoft Exchange Server 2010 Audit/Assurance Program

In this Book

YOU MIGHT ALSO LIKE