User Account

All Pages

Develop a project plan which includes the applicable tasks

Assignment Help Computer Engineering
Reference no: EM132008034

Question: Term Paper: Managing an IT Infrastructure Audit

This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.

Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:

• They have a main office and 268 stores in the U.S.

• They utilize a cloud computing environment for storage and applications.

• Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.

• They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.

• They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.

• They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.

• They enable wireless access at the main office and the stores.

• They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.

Section 1: Internal IT Audit Policy

Write a three to four (3-4) page paper in which you:

1. Develop an Internal IT Audit Policy, which includes at a minimum:

a. Overview

b. Scope

c. Goals and objectives

d. Compliance with applicable laws and regulations

e. Management oversight and responsibility

f. Areas covered in the IT audits

g. Frequency of the audits

h. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 2: Management Plan

Write a four to six (4-6) page paper in which you:

2. Explain the management plan for conducting IT audits, including:

a. Risk management

b. System Software and Applications

c. Wireless Networking

d. Cloud Computing

e. Virtualization

f. Cybersecurity and Privacy

g. BCP and DRP

h. Network Security

i. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 3: Project Plan

Use Microsoft Project or an Open Source alternative, such as Open Project to:

3. Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for the audit to be a two (2) week audit.

a. Risk management

b. System software and applications

c. Wireless networking

d. Cloud computing

e. Virtualization

f. Cybersecurity and privacy

g. Network security

Section 4: Disaster Recovery Plan

Write a five to seven (5-7) page paper in which you:

4. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.

a. The organization must have no data loss.

b. The organization must have immediate access to organizational data in the event of a disaster.

c. The organization must have critical systems operational within 48 hours.

d. Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

e. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA format.

The specific course learning outcomes associated with this assignment are:

• Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework.

• Describe the process of performing effective information technology audits and general controls.

• Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.

• Explain the role of cyber security privacy controls in the review of system processes.

• Discuss and develop strategies that detect and prevent fraudulent business practices.

• Describe and create an information technology disaster recovery plan.

• Develop an audit plan and control framework that addresses and solves a proposed business problem.

• Use technology and information resources to research issues in information technology audit and control.

• Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Reference no: EM132008034

Questions Cloud

Evidence of a learners achievement and growth : Create a portfolio, establish rubric(s), and create a rating form. The portfolio must be created for a particular group of students in an authentic context.
Market failures associated with asymmetry of information : In each case use a specific example to explain the circumstances leading to the market failure and the nature of the market failure.
What is the amount of interest income to be reported : The company uses the straight-line method of amortization. What is the amount of interest income to be reported on the 2005 income statement
Showtime-history bundle available : Suppose Time Warner could sell Showtime for $9, and the History channel for $8, while making Showtime-History bundle available for $13.
Develop a project plan which includes the applicable tasks : Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above.
How to increase or foster cultural and diversity awareness : Discuss ethical guidelines to adopt or initiate to motivate, engage, and develop diverse teams. How to increase or foster cultural and diversity awareness.
How the investment would be structured : Discussion of how the investment would be structured - clear capitalization table showing ownership through to exit
Develop the skills necessary to locate and critique : The purpose of this assignment is to develop the skills necessary to locate and critique the kinds of sources required for scholarly writing about film.
What is jill present value of not obtaining masters degree : a)Approximately what is Jill's present value of obtaining a master's degree? b) What is Jill's present value of not obtaining the masters degree?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Distinguish between behaviorism and cognitivism

In no more than 300 words, distinguish between (psychological) behaviorism and cognitivism, and explain what you take to be (a) the best point in favor of each.

  What would you say to a vendor that tells you

What would you say to a vendor that tells you that his system runs 50% of the SPEC benchmark kernel programs twice as fast as the leading competitive system? Which statistical fallacy is at work here?

  How can you extract from the output of find name

How can you extract from the output of find . -name "*.c" -print only the filenames in the current directory and not in its subdirectories?

  Write a game program guess which tries to guess

You will want to keep track of the range of numbers that might have been chosen based on the answers that have been given so far until there is only one number left. You can approximately divide an integer by 2 by right-shifting it by one bit.

  Web-based sites offer file sharing equal to napster

Do a Web search for stories about Napster and its legal battles. Why has the Recording Industry Association of America (RIAA) filed its lawsuit? How is this different from making a VHS copy of a movie or TV show with your VCR.

  Deducing an expression for pp

Utilizing the information above, deduce an expression for the PP, and provide comment on resulting expression. Also, what the ATM services would you utilize in order to obtain the best possible performance?

  Define advantages and disadvantages of wireless networks

I want assitance with question A and question B. Question C has to be in great detail where I can use a a guide to form a comprehensive report. please pr reference will greatly be appreciated.

  Why are byte wide memory components frequently preferred

The 68000 has an A00 address bit in all its address registers (including the PC). The 68000 has no A00 pin. Why?

  Discuss guidelines for security systems

Describe whether there any security system guidelines described in the text that could be eliminated without weakening the security system

  Create a pricing system for a company

Create a pricing system for a company that makes individualized computers, such as you might see on a Web site. There are two kinds of computers.

  How can ajax influence a web developer

What is the relationship between Web 2.0, SOAP, and XML.How can AJAX influence a Web Developer.

  Describe how you can use q to scan s to see

Describe how you can use Q to scan S to see if it contains a certain element x, with the additional constraint that your algorithm must return the elements.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd