The National Bureau of Standards, with the support of the U.S. General Accounting Office, sponsored an invitational workshop on "Audit and Evaluation of Computer Security," held in Miami Beach, Florida on March 22-24, 1977. Its purpose was to explore the state-of-the-art in this area and define appropriate subjects for future research. Leading experts in the audit and computer communities were invited to discuss the subject in one of ten sessions, each of which considered a different aspect. A consensus report was produced by each of the ten sessions and these reports form the body of these Proceedings. The ten topics reported on are: Internal Audit Standards, Qualifications and Training, Security Administration, Audit Considerations in Various System Environments, Administrative and Physical Controls, Program Integrity, Data Integrity, Communications, Post-Processing Audit Tools and Techniques, and Interactive Audit Tools and Techniques.
and McKenzie, R.
Audit and Evaluation of Computer Security, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NBS.SP.500-19
(Accessed June 8, 2023)