User Account

All Pages

Describe the sarbanes-oxley act

Assignment Help Computer Network Security
Reference no: EM13994745

Question:

Term Paper: Managing an IT Infrastructure Audit

This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.

Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:

They have a main office and 268 stores in the U.S.

They utilize a cloud computing environment for storage and applications.

Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.

They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.

They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.

They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.

They enable wireless access at the main office and the stores.

They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.

Section 1: Internal IT Audit Policy

Write a three to four (3-4) page paper in which you:

1. Develop an Internal IT Audit Policy, which includes at a minimum:

a. Overview

b. Scope

c. Goals and objectives

d. Compliance with applicable laws and regulations

e. Management oversight and responsibility

f. Areas covered in the IT audits

g. Frequency of the audits

h. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 2: Management Plan

Write a four to six (4-6) page paper in which you:

2. Explain the management plan for conducting IT audits, including:

a. Risk management

b. System Software and Applications

c. Wireless Networking

d. Cloud Computing

e. Virtualization

f. Cybersecurity and Privacy

g. BCP and DRP

h. Network Security

i. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 3: Project Plan

Use Microsoft Project or an Open Source alternative, such as Open Project to:

3. Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for the audit to be a two (2) week audit.

a. Risk management

b. System software and applications

c. Wireless networking

d. Cloud computing

e. Virtualization

f. Cybersecurity and privacy

g. Network security

Section 4: Disaster Recovery Plan

Write a five to seven (5-7) page paper in which you:

4. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.

a. The organization must have no data loss.

b. The organization must have immediate access to organizational data in the event of a disaster.

c. The organization must have critical systems operational within 48 hours.

d. Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

e. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework.

Describe the process of performing effective information technology audits and general controls.

Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication

networks, cloud computing, service-oriented architecture and virtualization.

Explain the role of cybersecurity privacy controls in the review of system processes.

Discuss and develop strategies that detect and prevent fraudulent business practices.

Describe and create an information technology disaster recovery plan.

Develop an audit plan and control framework that addresses and solves a proposed business problem.

Use technology and information resources to research issues in information technology audit and control.

Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Reference no: EM13994745

Questions Cloud

Find the acceleration acm in terms of m - r and g : A yo-yo with radius R and mass m starts from rest and unwinds. The yo-yo has a moment of Inertia Icm=1/3mR2. Find the acceleration acm in terms of m,R and g.
Find the work done by the gas and heat absorbed by the gas : Find the work done by the gas, the heat absorbed by the gas, and the internal energy change of the gas, first for each part of the cycle and then for the complete cycle.
Prepare the adjusting entry to record the bonus : Bonus arrangements take many forms. Suppose the bonus specifies that the bonus is 10% of the division's income before tax, but after the bonus itself. Calculate the amount of the bonus.
Each user has a unique five-digit id number : Each user has a unique five-digit ID number. Whenever a user logs on, the user's ID, lab  number, and the computer station number are transmitted to your system. For example, if user 49193 logs onto station 2 in lab 3, then your system receives (4919..
Describe the sarbanes-oxley act : Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework - describe the process of performing effective information technology audits and general controls.
Describe the intended audience for your selected news story : Describe the intended audience for your selected news story. Would the article change depending on the audience? How would it change? Why or why not
Other things held constant-the higher the price of a good : Other things held constant, the higher the price of a good
Optimal combinations of labor and capital : The production engineers at Impact Industries have derived the optimal combinations of labor and capital (the only two inputs used by Impact) for three levels of output: 120, 180, and 240 units of output: If the manager of Impact Industries decides t..
How mass of the yo-yo could be distributed to create icm : A yo-yo is released from rest and starts to unwind. The yo-yo has a cyclinder shape, a radius R, and a mass of m. The yo-yo has a moment of Inertia Icm=1/3mR2. Explain in words how the mass of the yo-yo could be distributed to create this Icm.

Reviews

Write a Review

Computer Network Security Questions & Answers

  Famous financial corporation

Your submission should demonstrate thoughtful consideration of the ideas and concepts that are presented in the course and provide new thoughts and insight relating directly to the topic. Your response should reflect scholarly writing and APA stan..

  What levels of security appropriate to secure information

Determine what levels of security are appropriate to secure the information system while allowing a maximum amount of uninterrupted work flow.

  Explain decryption speed

Considering the continuous increase in computer speed, the company decided to increase the size of the encryption key so that the time to break the encryption become more than 250 hours. What should be the minimum key size increase to meet this ob..

  Infa 640 cryptology and data protection

Suppose that Eve runs a key server.  Alice downloads a key from the key server which Eve claims is Bob’s public key.  Bob downloads a key from the key server which Eve claims is Alice’s public key.

  Explain computer forensics software or services

Use a web search engine to search for companies specializing in computer forensics software or services. Select two or three and write a one- to two-page report comparing what each company does.

  Prepare an employee acceptable use policy

Employee IT Acceptable Use Policy Prepare an employee acceptable use policy for a real or fictional organization to address its information systems, technology and assets.

  List the user groups and access rights for the network

Discuss additional security measures that you plan to implement for the network to meet the needs. List the user groups and access rights for the network. Include your justification for the user policy.

  Various aspects of outsourcing the it function

Write a 3- to 5-page paper that discusses the various aspects of outsourcing the IT function from an organization. Address the following questions in your paper:

  Use private key to decrypt the cipher text

Using blocks of 4 encrypt the message I AM AN MSC STUDENT MAJORING IN SECURITY using the public key above. Similarly use the private key above to decrypt the cipher text.

  Staff to maintain integrity of the network

Offsite storage like Cloud technology can allow access to all critical information without invests additional resource to maintain the storage solutions and the staff to maintain integrity of the network.

  Using cbc mode of operation what are consequences

Using CBC mode of operation what are the consequences of decrypting the cipher text if it has an error in the first bit of the first block C?

  Strong ciphers produced by the enigma machine

Concur with, dispute, or qualify following statement: "The strong ciphers produced by Enigma machine are  result of complex mathematical trapdoor functions used to encrypt messages."

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd