User Account

All Pages

Explain the management plan for conducting it audits

Assignment Help Other Subject
Reference no: EM132106775

Question: Term Paper: Managing an IT Infrastructure Audit

This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.

Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.

In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:

• They have a main office and 268 stores in the U.S.

• They utilize a cloud computing environment for storage and applications.

• Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.

• They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.

• They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.

• They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.

• They enable wireless access at the main office and the stores.

• They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.

Section 1: Internal IT Audit Policy

Write a three to four (3-4) page paper in which you:

1. Develop an Internal IT Audit Policy, which includes at a minimum:

a. Overview

b. Scope

c. Goals and objectives

d. Compliance with applicable laws and regulations

e. Management oversight and responsibility

f. Areas covered in the IT audits

g. Frequency of the audits

h. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 2: Management Plan

Write a four to six (4-6) page paper in which you:

2. Explain the management plan for conducting IT audits, including:

a. Risk management

b. System Software and Applications

c. Wireless Networking

d. Cloud Computing

e. Virtualization

f. Cybersecurity and Privacy

g. BCP and DRP

h. Network Security

i. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Section 3: Project Plan

Use Microsoft Project or an Open Source alternative, such as Open Project to:

3. Develop a project plan which includes the applicable tasks for each of the major areas listed below for each element of the IT audit mentioned above; plan for the audit to be a two (2) week audit.

a. Risk management

b. System software and applications

c. Wireless networking

d. Cloud computing

e. Virtualization

f. Cybersecurity and privacy

g. Network security

Section 4: Disaster Recovery Plan

Write a five to seven (5-7) page paper in which you:

4. Develop a disaster recovery plan (DRP) for recovering from a major incident or disaster affecting the organization.

a. The organization must have no data loss.

b. The organization must have immediate access to organizational data in the event of a disaster.

c. The organization must have critical systems operational within 48 hours.

d. Include within the DRP the audit activities needed to ensure that the organization has an effective DRP and will be able to meet the requirements stated above.

e. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.

• Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

• Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework.

• Describe the process of performing effective information technology audits and general controls.

• Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.

• Explain the role of cybersecurity privacy controls in the review of system processes.

• Discuss and develop strategies that detect and prevent fraudulent business practices.

• Describe and create an information technology disaster recovery plan.

• Develop an audit plan and control framework that addresses and solves a proposed business problem.

• Use technology and information resources to research issues in information technology audit and control.

• Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Reference no: EM132106775

Questions Cloud

Describe the scope of the project and control measures : You are now in the final stage of the project plan development. All previous documentation should be combined into one document that will serve.
Explain workforce planning as to its purpose : Explain workforce planning as to its purpose. Describe methods for conducting workforce planning and detail desired outcomes.
How important has cash generation been for current company : Generating cash is the ultimate responsibility for managers today. Cash and cash flow are considered the "life blood" of a business.
Develop problem-solving skills that generate idea creation : Develop problem-solving skills that generate idea creation, and apply them to everyday personal and professional experience.
Explain the management plan for conducting it audits : Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight.
Create a timeline that maps out how to overcome these issues : Identify three problems that people might encounter in their everyday lives. These can be even the most basic of life's inconveniences.
The ideas about organization as communication : Based on the assigned video, explain the difference between thinking of "communication IN organizations" and "organizations AS communication."
Calculate the mean and standard deviation : Calculate the mean and standard deviation of the simulated values. How do they compare to the mean and standard deviation of the given probability distribution
What type of research papers was used : Write an original research report consisting of one of the following topic areas: 1) Virtual Organizations, 2) Network Organizations, 3) Spin-out Organizations.

Reviews

Write a Review

Other Subject Questions & Answers

  Pharmaceutical calculation training manual to assist

If you were compiling a pharmaceutical calculation training manual to assist new pharmacy technicians, what two (2) best practices would you emphasize that you learned in this course?

  Analyze the leadership team reaction to the failure

Analyze the leadership team's reaction to the failure, and indicate whether the leadership took sufficient measures to deal with various stakeholder groups impacted by the failure. Provide support for the rationale

  Government polices over important areas in lives

The government polices over important areas in our lives. Our health is one of them. They set standards and regulations to help us. Do you think they are doing a good job in this area?

  Discuss about the area of specialization in psychology

What criteria did you use to evaluate the authority, credibility, and scholarliness of the articles within the field of psychology?

  Discuss the impact of the various reimbursements

Use an electronic spreadsheet to show how you computed the break even and embed the spreadsheet in your paper. Discuss the impact of the various reimbursements (e.g., Medicare, Medicaid, private, or self-pay)

  Illustrate out the socratic method

Illustrate out the Socratic method? What is it designed to do? Try to illustrate this method with a concrete example.

  Discuss about the major depressive disorder

Describe each chosen diagnosis by listing the symptoms and criteria required for that diagnosis and possible causes of that diagnosis.

  Consider the growing american incarceration complex

Consider the growing American incarceration complex. With such an investment in incarceration, what place does rehabilitation have in the future? How may the American prison system encourage and fund rehabilitation efforts when that is not the pri..

  Which feature of photoshopreg did you find most beneficial

which feature of photoshopreg did you find most beneficial? what would you like to learn about photoshop in the future?

  Achievement gap of african american males

Post a concise synopsis of the qualitative studies you've found at least four Scholarly articles. For each entry, provide the full APA citation

  Why is it important to study theories of crime causation

When considering the purpose and function of criminal law, what are the factors/elements that would either deter crime or actually promote crime?

  Does the term global health capture its meaning

Does the term global health capture its meaning, in the sense that health priorities are global?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd