Explain the management plan for conducting it audits

Assignment Help Auditing
Reference no: EM131524275

Term Paper Assignment: Managing an IT Infrastructure Audit

This assignment consists of four sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.

Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:

• They have a main office and 268 stores in the U.S.

• They utilize a cloud computing environment for storage and applications.

• Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.

• They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.

• They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.

• They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.

• They enable wireless access at the main office and the stores.

• They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.

Section 1: Internal IT Audit Policy

Write a three to four page paper in which you:

1. Develop an Internal IT Audit Policy, which includes at a minimum:

a. Overview

b. Scope

c. Goals and objectives

d. Compliance with applicable laws and regulations

e. Management oversight and responsibility

f. Areas covered in the IT audits

g. Frequency of the audits

h. Use at least two quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 2: Management Plan

Write a four to six page paper in which you:

2. Explain the management plan for conducting IT audits, including:

a. Risk management

b. System Software and Applications

c. Wireless Networking

d. Cloud Computing

e. Virtualization

f. Cybersecurity and Privacy

g. BCP and DRP

h. Network Security

i. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 3: Project Plan

Use Microsoft Project or an Open Source alternative, such as Open Project to:

3. Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for the audit to be a two week audit.

a. Risk management

b. System software and applications

c. Wireless networking

d. Cloud computing

e. Virtualization

f. Cybersecurity and privacy

g. Network security

Section 4: Disaster Recovery Plan

Write a five to seven page paper in which you:

4. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.

a. The organization must have no data loss.

b. The organization must have immediate access to organizational data in the event of a disaster.

c. The organization must have critical systems operational within 48 hours.

d. Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

e. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.

• Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Reference no: EM131524275

Reviews

Write a Review

 

Auditing Questions & Answers

  Classify each of the following threats as either

classify each of the following threats as either self-interest self-review advocacy familiarity or intimidation.1 the

  Collapse of enron and arthur andersen

Use the events and outcomes surrounding the collapse of Enron and Arthur Andersen to give insight on this issue in a one page Memo that is addressed to Mr. Tu Dewie and resolves his concerns.

  Internal complaints

Discuss how can an organization best use its internal complaint process to forego the need for external resolution? When might a professional moderation be useful? Provide an example.

  Audit of multifaceted special events

As an independent financial consultant, you have been hired to audit the books of a multifaceted special events organization. Upon examination of the records, you determine that management intentionally commingled funds between the different divis..

  Internal audit

Describe and evaluate this type of internal audit. What types of organisation would it be most useful for?

  List at least eight elements of ineffective internal control

List at least eight elements of ineffective internal control at Brown Company. List at least six elements of effective internal control at Brown Company.

  Identify inherent risks that consider for each company

ACCM 4400 Auditing and Assurance Team Assignment - Research and Presentation. Inherent risks that you would have to consider for each company in the audit

  Identify factor that impact on risk of material misstatement

Identify the factors that would impact on the risk of material misstatement and explain the effect of those factors on planning materiality and risk.

  The bakfirn corporation a publicly traded firm has

the bakfirn corporation a publicly traded firm has contracted with youcpa your public accounting firm for an audit. the

  What are the main functions of an audit

What qualifications does an auditor have to have, does the auditor have to always be an external person and explain the rights, duties and liabilities of an auditor

  What is involved in the evaluation process

What is the objective of this evaluation? What is involved in the evaluation process? Do you think this evaluation is an effective method to assess clients? Why or why not? What is the focus of the assessment?

  Audit of information systems-controls

Discuss the difference between general controls and application controls. Provide an example of a policy on internal controls. How might a policy on internal controls be communicated to employees?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd