RE: Security and penetration review

["Sadler, Connie" <Connie_Sadler () Brown edu>]

Dallas, if you don't find something, just write things down. The format and flow can be done by someone else. It's 
important that you capture the positives as well as the negatives, and that can be done with a voice recorder, bullets 
on a paper towel, etc. Technical people don't always have to know how to write (although it helps). They do need to 
know someone who can.  ;-)  Partnering on these things can be very beneficial, if that's an option that is open to you. 
Just my two cents...

Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
Office: 401-863-7266
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7  560D 9A07 80BA 91E3 8EFB


-----Original Message-----
From: Hindle, Dallas [mailto:Dallas.Hindle () bakersdelight com au] 
Sent: Thursday, June 09, 2005 6:40 PM
To: security-basics () securityfocus com
Subject: Security and penetration review


Hi

I have been asked to review the security of a company, doing the actual
security review isn't a problem, however the documentation is a problem,
I'm a geek and doco isn't my strong point, the company wants the review
fully documented and presented to some of the I.S. big wigs.


Does anyone have and links to security review templates or have any
reviews they would mind sending my way?



Thanks


Dallas Hindle
Infrastructure Team Leader
Bakers Delight Holdings Limited.
Suite 1, Level 1
293 Camberwell Road
Camberwell, Victoria, 3124
Australia
p. +61 3 9811 6183
m. 0413 707 451
f. +61 3 9811 6100
w. www.BakersDelight.com.au
e. Dallas.Hindle () BakersDelight com au 
-- 
Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.
http://www.mailguard.com.au/mg