This document, which focuses on the Linux security issues for one of the more popular versions of Linux, Red Hat version 9/Fedora, provides a standard reference for Linux security controls and their audit for security administrators, security professionals and information systems auditors. It provides the following guidance to IT management: * The business and technology drivers for Linux * The vulnerabilities of the Linux operating system * Risk management issues with an action-oriented perspective * Linux security software * How to secure Linux installations to fulfill the control objectives of two well-known standards-COBIT and ISO 17799 * Detailed internal control questionnaires. Call +1.847.253.1545 ext. 401, visit www.isaca.org/bookstore or e-mail [email protected] for more information.

Current best practices and future trends in ERP issues are documented in a practical how-to guide to enable risk professionals and auditors (both IT and non-IT) to evaluate risks and controls in existing ERP implementations and to facilitate the design and building of better practice controls in system upgrades and enhancements. This is the second in a series of technical and risk management reference guides dealing with the world's three major ERP systems: SAP R/3 Audit, Oracle Financials and PeopleSoft. The guides concentrate on three very different software programs but do contain common chapters on ERP risk management and audit approach. This guide uses Release 11i and provides frameworks and methodologies for auditing and testing in an Oracle environment, including a recommended Oracle audit framework, how to adopt a risk-based audit approach to ERP, an overview of the Oracle authorization concept, how to test Oracle security, configurable controls and segregation of duties/excessive access. The need to identify the causes of issues arising from audit or control testing and a technique to assist in identifying the cause of issues using the COBIT Framework also are described. Call +1.847.253.1545 ext. 401, visit www.isaca.org/bookstore or e-mail [email protected] for more information.