User Account

All Pages

Develop an internal IT audit policy

Assignment Help Auditing
Reference no: EM132805153

Managing an IT Infrastructure Audit

Overview

This assignment consists of four distinct elements: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four sections as separate files. Name each file as indicated in the instructions below.

Make any assumptions needed for the completion of this assignment, and base your work on the following scenario:

You are an information security manager for a large national retailer and are directly responsible for the planning and oversight of IT audits. At the request of the board of directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit and, consequently the overall success of the systems implemented in the organization.

You must develop a policy for conducting IT audits and develop a project plan for conducting two-week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
• They have a main office and 268 stores in the United States.
• They use a cloud computing environment for storage and applications.
• Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
• They have over 1,000 desktops and approximately 500 organization-owned laptops at the main headquarters.
• They allow employees to bring their own devices into the organization; however, they are subject to search upon entry and exit from the building.
• They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
• They enable wireless access at the main office and the stores.
• They process an average of 67.2 credit card transactions per hour, every day, at each location, and via their corporate website.

Instructions

Section 1: Internal IT Audit Policy.
Write a 3-4 page paper in which you:
1. Develop an internal IT audit policy, which includes at a minimum:
o Overview.
o Scope.
o Goals and objectives.
o Compliance with applicable laws and regulations.
o Management oversight and responsibility.
o Areas covered in the IT audits.
o Frequency of the audits.
Use at least two quality resources. Note: Wikipedia and similar websites do not qualify as quality resources.

Section 2: Management Plan.

Write a 4-6 page paper in which you:
1. Explain the management plan for conducting IT audits, including:
o Risk management.
o System software and applications.
o Wireless networking.
o Cloud computing.
o Virtualization.
o Cybersecurity and privacy.
o BCP and DRP.
o Network security.
Use at least three quality resources. Note: Wikipedia and similar websites do not qualify as quality resources.

Section 3: Project Plan.
Use Microsoft Project or an open source alternative such as Open Project to:
1. Develop a project plan that includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for a two-week audit.
o Risk management.
o System software and applications.
o Wireless networking.
o Cloud computing.
o Virtualization.
o Cybersecurity and privacy.
o Network security.

Section 4: Disaster Recovery Plan.

Write a 5-7 page paper in which you:
1. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.
o The organization must have no data loss.
o The organization must have immediate access to organizational data in the event of a disaster.
o The organization must have critical systems operational within 48 hours.

Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

Use at least three quality resources. Note: Wikipedia and similar websites do not qualify as quality resources.

Part 1

1. Disaster recovery planning is essential for a business to survive when unexpected events impact daily operations. Identify the areas of disaster recovery planning and preparedness you believe organizations are often lacking. Provide a rationale for your response.

2. Analyze and describe the key controls, especially nontechnical controls, that would ensure a business is prepared for a disaster. Elaborate on the impact that a disaster might have on the auditing process.

Part 2

1. Identify three challenges organizations face when implementing change and patch management processes for the first time. Make suggestions to address these challenges.

2. Suggest the elements of change and patch management that are most difficult to audit in a large corporate environment with multiple IT issues and changes occurring every day. Provide a rationale for your suggestions.

Part 3

1. Create a list of at least five auditing best practices for organizations to follow when implementing their quality assurance auditing programs.

2. Select the auditing best practices you feel are most difficult to implement and offer means of addressing them.

Attachment:- Managing an IT Infrastructure Audit.rar

Reference no: EM132805153

Questions Cloud

Weaknesses and strengths points of TCP and UDP protocol : Neither TCP nor UDP provides any encryption-the data that the sending process passes into its socket is the same data.
Discuss the impact of recommendations on the stakeholder : For each article, identify the strengths and weaknesses, the validity, the reliability of conclusions, and the applications of the research.
Compute the depreciation expenses : Compute the (1) Depreciation expenses in 20x1 and 20x2 and the (2) Carrying amounts of the machine on December 31, 20x2, respectively
What nonverbal communication support level of communication : If you were Mrs. G.'s daughter what would you say to her that shows you are caring and have compassion for her situation? What nonverbal communication would.
Develop an internal IT audit policy : Develop an internal IT audit policy and Explain the management plan for conducting IT audits - Develop a project plan that includes the applicable tasks
Analyze the interdependence of food service : Determine the likely consequences of the introduction of gaming entertainment into your state, or if your state already allows gaming
What is personal finance : What is personal Finance? How important the consumer protection law in relation to finance? Discuss the role of money personal, business and in the economy
Determine the impact of computerization on food service : Determine the impact of computerization on food service and lodging operations in your state, particularly in the areas of reservations
What did you learn about yourself as a leader : Complete the Emotional Intelligence Test Discuss your scores and what they mean. What did you learn about yourself as a leader? (Note that a 10 on the EI test).

Reviews

Write a Review

Auditing Questions & Answers

  Such as monthly closing and reconciliation processes

1.Auditors often have to test the effectiveness of infrequently operating controls, such as monthly closing and reconciliation processes.

  Identify any breach committed by the auditors

Identify any breach committed by the Auditors under the Corporations Act 2001 and APES 110- Code of Ethics for Professional Accountants - use analytical procedures to support your financial statement analysis and identify which were the major fac..

  How you would correct up to eight of the errors

There are numerous errors within the above audit report. Identify and indicate how you would correct up to eight of the errors within this audit report.

  Journal entries and work in process inventory account

Stanley Printing Company began operation in March with three custom orders. The following costs were incurred during the month.

  Define actual and perceived independence

Define actual and perceived independence, and explain the importance of each - Leo is the eldest son of the factory foreman of one of your firm's major audit clients, Precision Machinery Limited. During vacation work, L is assigned to the audit of ..

  Review the audit report issued by the external auditing firm

Review the audit report issued by the external auditing firm from the company's Website for the year it was accused of fraud.

  Identify the possible alternative points of view

Identify the possible alternative points of view. There is no one right answer.You may be able to support either a yes or no answer for any of these scenarios.

  Research the topic and prepare a report

Students are required to research into the rationale for the new auditing standard ASA 701, explain clearly what it is and select an industry

  Implication of ASX corporate governance principles

Implication of ASX Corporate Governance Principles from your selected company Conceptualize and explain how to your selected company implements

  What should be the correct payment to the ATO have been

In your opinion, after investigating this BAS as a sample document as part of your audit, what should be the correct payment to the ATO have been

  Compunding of interest-annually-semi annually

Suppose you were considering depositing your savings in one of three banks, all of which pay 5 percent interest; bank A compounds annually, bank B compounds semiannually, and bank C compounds daily. Which bank would you choose? Why?

  Discuss several inherent risk factors that would have

List and discuss several inherent risk factors that would have contributed to an increased inherent risk assessment at the account balance level.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd