• You have been asked to audit your company security plan as it applies to acceptable employee use of the Internet and e-mail. Write a preliminary audit plan, including scope, objectives, and audit steps.
• You work as an IT auditor for Ajax systems. The primary system administrator for your company''s critical systems has disappeared. He leaves no forwarding address and his phone is disconnected. You are asked to perform an audit of the operating system that used to be under his control. How would you approach it? Include the steps you would take in auditing these systems.
• You are an internal auditor assigned to perform an operations audit of a data center. On reviewing the operations policy and procedures manuals, you find that the manuals appear to be fairly complete and current. Describe at least three audit test you would perform to test whether the manuals are actually used and followed.