Assignment:
The audit planning process directly affects the quality of the outcome. A proper plan ensures that resources are focused on the right areas and that potential problems are identified early. A successful audit first outlines the objectives of the audit, the procedures that will be followed, and the required resources.
Instructions
Choose an organization you are familiar with and develop an 8 to 10 page IT infrastructure audit for compliance in which you:
Define the following:
- Scope.
- Goals and objectives.
- Frequency of the audit.
- Duration of the audit.
Identify what you consider to be the critical requirements of the audit and provide a rationale for your choices.
Choose privacy laws that apply to the organization and identify who is responsible for privacy within the organization.
Develop a plan for assessing IT security for your chosen organization by conducting the following:
- Risk management.
- Threat analysis.
- Vulnerability analysis.
- Risk assessment analysis.
Explain how to obtain information, documentation, and resources for the audit.
Analyze how each of the seven domains aligns within your chosen organization.
Align the appropriate goals and objectives from the audit plan to each domain and provide a rationale for your alignment.
Develop a plan that:
- Examines the existence of relevant and appropriate security policies and procedures.
- Verifies the existence of controls supporting the policies.
- Verifies the effective implementation and ongoing monitoring of the controls.
- Identify the critical security control points that must be verified throughout the IT infrastructure and develop a plan that includes adequate controls to meet high-level defined control objectives in this organization.
Use at least three quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.
This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.
The specific course learning outcome associated with this assignment is:
Develop an IT infrastructure audit for compliance.