Describe the sarbanes-oxley act

Assignment Help Computer Network Security
Reference no: EM13994745

Question:

Term Paper: Managing an IT Infrastructure Audit

This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.

Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:

They have a main office and 268 stores in the U.S.

They utilize a cloud computing environment for storage and applications.

Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.

They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.

They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.

They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.

They enable wireless access at the main office and the stores.

They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.

Section 1: Internal IT Audit Policy

Write a three to four (3-4) page paper in which you:

1. Develop an Internal IT Audit Policy, which includes at a minimum:

a. Overview

b. Scope

c. Goals and objectives

d. Compliance with applicable laws and regulations

e. Management oversight and responsibility

f. Areas covered in the IT audits

g. Frequency of the audits

h. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 2: Management Plan

Write a four to six (4-6) page paper in which you:

2. Explain the management plan for conducting IT audits, including:

a. Risk management

b. System Software and Applications

c. Wireless Networking

d. Cloud Computing

e. Virtualization

f. Cybersecurity and Privacy

g. BCP and DRP

h. Network Security

i. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 3: Project Plan

Use Microsoft Project or an Open Source alternative, such as Open Project to:

3. Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for the audit to be a two (2) week audit.

a. Risk management

b. System software and applications

c. Wireless networking

d. Cloud computing

e. Virtualization

f. Cybersecurity and privacy

g. Network security

Section 4: Disaster Recovery Plan

Write a five to seven (5-7) page paper in which you:

4. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.

a. The organization must have no data loss.

b. The organization must have immediate access to organizational data in the event of a disaster.

c. The organization must have critical systems operational within 48 hours.

d. Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

e. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework.

Describe the process of performing effective information technology audits and general controls.

Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication

networks, cloud computing, service-oriented architecture and virtualization.

Explain the role of cybersecurity privacy controls in the review of system processes.

Discuss and develop strategies that detect and prevent fraudulent business practices.

Describe and create an information technology disaster recovery plan.

Develop an audit plan and control framework that addresses and solves a proposed business problem.

Use technology and information resources to research issues in information technology audit and control.

Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Reference no: EM13994745

Previous Q& A

  Describe the intended audience for your selected news story

Describe the intended audience for your selected news story. Would the article change depending on the audience? How would it change? Why or why not

  Other things held constant-the higher the price of a good

Other things held constant, the higher the price of a good

  Optimal combinations of labor and capital

The production engineers at Impact Industries have derived the optimal combinations of labor and capital (the only two inputs used by Impact) for three levels of output: 120, 180, and 240 units of output: If the manager of Impact Industries decides t..

  How mass of the yo-yo could be distributed to create icm

A yo-yo is released from rest and starts to unwind. The yo-yo has a cyclinder shape, a radius R, and a mass of m. The yo-yo has a moment of Inertia Icm=1/3mR2. Explain in words how the mass of the yo-yo could be distributed to create this Icm.

  Find an inflow of cash from investors

Select the place(s) in your accounting documents where you would find an inflow of cash from investors. On the cash flow statement under operations. On the cash flow statement under investment. On the income statement under operating revenue.

  Find the angle at which the first order maximum occurs

In a Young's double-slit experiment, 633-nm laser light illuminates two slits separated by a distance of 3.64 x 10-5 m. Find the angle at which the first order maximum occurs.

  What is the absolute value of the own price elasticity

If a price increase from $5 to $7 causes quantity demanded to fall from 150 to 100 and vice-versa, what is the absolute value of the own price elasticity at a price of $7? Note that the question is about the price point of $7, and not $5.

  Calculate the interest rate for the past year

If $100 at time zero will be worth 110 a year later and was worth 90 a year before, calculate the interest rate for the past year and the interest rate for the next year. (Show work and equations)

  Consumer price index-annual compounded inflation rate

You are given the following information on the Consumer Price Index (CPI) in three countries: US Japan UK Dec. 2010 138 1205 442 Dec. 2015 163 1335 557 In December 2010 the Yen/$ spot rate was ¥83.0025/$, and the $/£ ex-rate was $1.5595/£. Calculate ..

  How mutations contribute to variation within a population

Discuss a specific example of how human activities can damage the environment, and explain how this damage could be reduced or eliminated.

Reviews

Write a Review

 

Similar Q& A

  Security administrator of a major organization

You have just been hired as the security administrator of a major organization that was recently breached by a social engineer

  Find a sample phishing email

Use Google to find a sample phishing email which there are many of on the Internet

  What is an information security program?

What is an information security program?

  Choose two firms which offer computer security outsourcing

you have been asked to help decide whether to outsource security or keep the security function within the firm. search

  Describe the environment of your forensic workstation

Describe the environment of your forensic workstation and the access to the machine. Describe the procedure that you used to download the image file to your work directory.

  Apply division method to calculate hash value of character

How can we apply division method to calculate hash value of character string without using more than constant number of words of storage outside string itself?

  What is the meaning of the cia triad in information security

What is the difference between Symmetric and Asymmetric Key Cryptography

  Famous financial corporation

Your submission should demonstrate thoughtful consideration of the ideas and concepts that are presented in the course and provide new thoughts and insight relating directly to the topic. Your response should reflect scholarly writing and APA stan..

  Protecting intellectual property rights in software

Explain the reason of each of these approaches and explain how each of them can be used to protect property rights in software. Please include any experiences you have had with these methods.

  Basic encryption and platform security

Read and summarize "Big iron lessons, Part 5: Introduction to cryptography, from Egypt through Enigma"

  What data can you leak when using public hotspots

What data can you leak when using public hotspots and how can you protect yourself when using them

  Perform a business impact analysis for a provided scenario

Perform a business impact analysis for a provided scenario and create a business continuity plan (BCP) based on the findings of a given risk assessment for an organization.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd