Reference no: EM131388936 , Length:
Information Security Audit Assignment
OBJECTIVES - This assignment is designed to assess students' ability to:
- Produce a concise detailed report about the importance of information security audit policy and its components
- To have excellent understanding relating to information security audit policy and its components
- To develop skills in manipulating and performing an information security audit
- To be able to define components of information security audit policy according to corporate requirements
- To be able to manage metrics, statistics, and facts about security audit policy effectively.
- Use of CU Harvard referencing system to cite and reference academic resources
OUTCOME - Student must have understanding of the following points
- Develop Information Security audit baseline(s).
- Perform an audit to identify events and corrective actions.
- Produce an audit-letter (report) to the organization's senior management.
Tasks:
These days, most of organizations are considering information security audit as a high priority due to the above said reasons. Hence, An information security audit is an audit on the level of information security in an organization. The organization's IT environment has to be controlled to meet the business requirements. For that purpose, an effective risk-based Information Security audit program with generally accepted audit standards and guidelines should be developed. Critically analyze and provide your findings on the following four aspects of information security audit.
Task 1: Assignment work proposal submission.
Task 2: The auditor should have a sufficient knowledge about the company and its critical business activities before starting an audit review. Critically analyze the part of an Information Security auditor towards audit planning and preparation.
Task 3: The auditor should consider various criteria the auditing approach. Analyze one of information security auditing frameworks or approaches that an auditor should establish over starting the auditing process.
Task 4: The technical auditing is consider main phase of IS auditing. Therefore, as IS auditor evaluate the different types of controls and their use in Information Security audit.
Task 5: As an Information Security Auditor, conduct an audit on network security tools of any organization (of your choice) and provide a comprehensive report to its senior management. The auditing report should include the auditor's (in this case your) inquiries and procedures followed during audit in detail.
TASKS DESCRIPTION -
TASK1: Work Proposal
Submit a work proposal for this assignment on or before, which must include: Understanding of deliverables - a detail description of deliverables, General overview of proposed plan - initial understanding of solution to all the tasks, Resources identified, Work proposal should be submitted in the form of word document in Moodle.
TASK 2: Audit planning and preparation
Expected topics - meeting with management, review current/existing reports, review job descriptions, review organization's IT policies and procedures, Evaluate the company's IT budget and systems planning documentation, etc.
TASK 3: Auditor's established frameworks for an audit process
Expected topics - Analyze one of information security auditing frameworks or approaches that an auditor should establish over starting the auditing process. Include definitions, process, phases, advantages, versions and diagrams.
TASK 4: Analyze the type of controls
Expected topics - detailed description on various possible control types
TASK 5: Perform audit and generate report
Expected topics - report on proper format as close to an audit charter, evidence on findings, description of inquiries and procedures followed, use of risk assessment, corporate governance applied, audit planning, etc.
Elements of the diagram clearly
: Write a 2-3 page paper. (Note: The Venn diagram should be located on a second or third page and can be any size as long as the instructor can see all the elements of the diagram clearly.)
|
Marketing strategies and marketing plans
: Outline the difference between marketing strategies and marketing plans. Identify the characteristics of effective marketing strategies and marketing plans. (200-250 words)
|
Is the note negotiable
: For the balance due on the purchase of a tractor, Henry Brown executed and delivered to Jane Jones his promissory note containing the following language:- Is the note negotiable? Explain.
|
Identify marketing strategies and the right marketing mix
: Your organisation has been developing a new product. Market research, conducted prior to the development of the new product, indicated that it should be viable, will meet the needs of the target market and is going to be profitable. Many months ha..
|
Analyze the audit planning and preparation
: COMP 0392 Information Security Audit Assignment. The auditor should have a sufficient knowledge about the company and its critical business activities before starting an audit review. Critically analyze the part of an Information Security auditor t..
|
Marketing objectives and progress toward achievement
: Explain why it is a good idea to discuss marketing objectives and progress toward achievement of objectives with customers and personnel responsible for each element of the marketing mix. In your answer, list and expand on at least five of the obj..
|
Great deal of time and money marketing
: Your organisation has spent a great deal of time and money marketing a new online store. What monitoring strategies that might be useful in this situation? Provide at least three examples and do not limit your answers to ideas provided in the text..
|
List the differences in product offerings in two countries
: Choose a doughnut/cinnamon bun/bread company with presence in two global markets. List the differences in product offerings in these 2 host countries and then compare same to home based product.
|
Examine sustainability in the context of the organization
: Examine sustainability in the context of the organization you selected. Why is sustainability a significant factor or entrepreneurial success? Explain the triple bottom line and how sustainability is a factor within the selected organization.
|