User Account

All Pages

Describe the sarbanes-oxley act

Assignment Help Computer Network Security
Reference no: EM13994745

Question:

Term Paper: Managing an IT Infrastructure Audit

This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.

Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:

They have a main office and 268 stores in the U.S.

They utilize a cloud computing environment for storage and applications.

Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.

They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.

They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.

They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.

They enable wireless access at the main office and the stores.

They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.

Section 1: Internal IT Audit Policy

Write a three to four (3-4) page paper in which you:

1. Develop an Internal IT Audit Policy, which includes at a minimum:

a. Overview

b. Scope

c. Goals and objectives

d. Compliance with applicable laws and regulations

e. Management oversight and responsibility

f. Areas covered in the IT audits

g. Frequency of the audits

h. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 2: Management Plan

Write a four to six (4-6) page paper in which you:

2. Explain the management plan for conducting IT audits, including:

a. Risk management

b. System Software and Applications

c. Wireless Networking

d. Cloud Computing

e. Virtualization

f. Cybersecurity and Privacy

g. BCP and DRP

h. Network Security

i. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 3: Project Plan

Use Microsoft Project or an Open Source alternative, such as Open Project to:

3. Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for the audit to be a two (2) week audit.

a. Risk management

b. System software and applications

c. Wireless networking

d. Cloud computing

e. Virtualization

f. Cybersecurity and privacy

g. Network security

Section 4: Disaster Recovery Plan

Write a five to seven (5-7) page paper in which you:

4. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.

a. The organization must have no data loss.

b. The organization must have immediate access to organizational data in the event of a disaster.

c. The organization must have critical systems operational within 48 hours.

d. Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

e. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework.

Describe the process of performing effective information technology audits and general controls.

Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication

networks, cloud computing, service-oriented architecture and virtualization.

Explain the role of cybersecurity privacy controls in the review of system processes.

Discuss and develop strategies that detect and prevent fraudulent business practices.

Describe and create an information technology disaster recovery plan.

Develop an audit plan and control framework that addresses and solves a proposed business problem.

Use technology and information resources to research issues in information technology audit and control.

Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Reference no: EM13994745

Questions Cloud

Find the acceleration acm in terms of m - r and g : A yo-yo with radius R and mass m starts from rest and unwinds. The yo-yo has a moment of Inertia Icm=1/3mR2. Find the acceleration acm in terms of m,R and g.
Find the work done by the gas and heat absorbed by the gas : Find the work done by the gas, the heat absorbed by the gas, and the internal energy change of the gas, first for each part of the cycle and then for the complete cycle.
Prepare the adjusting entry to record the bonus : Bonus arrangements take many forms. Suppose the bonus specifies that the bonus is 10% of the division's income before tax, but after the bonus itself. Calculate the amount of the bonus.
Each user has a unique five-digit id number : Each user has a unique five-digit ID number. Whenever a user logs on, the user's ID, lab  number, and the computer station number are transmitted to your system. For example, if user 49193 logs onto station 2 in lab 3, then your system receives (4919..
Describe the sarbanes-oxley act : Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework - describe the process of performing effective information technology audits and general controls.
Describe the intended audience for your selected news story : Describe the intended audience for your selected news story. Would the article change depending on the audience? How would it change? Why or why not
Other things held constant-the higher the price of a good : Other things held constant, the higher the price of a good
Optimal combinations of labor and capital : The production engineers at Impact Industries have derived the optimal combinations of labor and capital (the only two inputs used by Impact) for three levels of output: 120, 180, and 240 units of output: If the manager of Impact Industries decides t..
How mass of the yo-yo could be distributed to create icm : A yo-yo is released from rest and starts to unwind. The yo-yo has a cyclinder shape, a radius R, and a mass of m. The yo-yo has a moment of Inertia Icm=1/3mR2. Explain in words how the mass of the yo-yo could be distributed to create this Icm.

Reviews

Write a Review

 

Computer Network Security Questions & Answers

  What firewall setup would provide the firm both flexibility

Which firewall technologies should be deployed to (a) secure the internet-facing web servers (b) to protect the link between the web servers and customer database (c) to protect the link between internal users and the customer database? Be sure to..

  Application of principles of ethics to ict-related issues

Demonstrate factual knowledge, understanding and the application of principles of ethics to ICT-related issues and demonstrate depth of analysis by examining arguments for one ethical issue related to ICT

  Analysis to be presented in a 10- to 15-slide microsoft

analysis to be presented in a 10- to 15-slide microsoft powerpoint presentation and use detailed speaker notes for

  Describe the main objectives of the anba drp

Explain the key ways that ANBAs DRP can help mitigate risk in the organization and defend the need for DRPs in an enterprise organization such as ANBA.

  Assignment on secure encrypted communications

Transmitting personal and business data and information over secure communication channels is critical. In some cases it is required, especially when personally identifiable information is being transmitted.

  Identify and evaluate strategies for crisis management

Identify and evaluate strategies for crisis management. Your paper should focus on the information technology perspective in terms of crisis management.

  Security vulnerabilities of authentication scheme

Clinet's MAC address is explicitly excluded in the AP/router configuration. What are the security vulnerabilities of this authentication scheme?

  Structure for the task of implementing

Draft a work breakdown structure for the task of implementing and using a PC-based virus detection (one that is not centrally managed)

  What is the definition of information security what

1.what is the definition of information security? what essential protections must be in place to protect information

  Create alternative message which has hash value

Generates the alternative message which has a hash value which collides with Bob's original hash value. Illustrate a message that Alice may have spoofed, and demonstrate that its hash value collides with Bob's original hash.

  Strategies and recommendations to the cio

Explain in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization and draft a one page Executive Summary that details your strategies and recommendations to t..

  How does a security framework assist or affect

How does a security framework assist or affect in the design and implementation of a security infrastructure? Detail information security governance and what organizations and personnel will use it

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd