This document contains instructions for multiple assignments for a CIS 558 class. It provides background information and requirements for papers and projects on topics relating to enterprise risk management, cloud computing risks, software engineering processes, HIPAA compliance, and managing an IT infrastructure audit. Students are asked to write papers summarizing frameworks, analyzing risks and controls, developing audit plans and diagrams, and creating management and project plans. References must meet quality standards and papers must follow specified formatting guidelines.
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Cis 558 Enthusiastic Study / snaptutorial.comStephenson06
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Assignment 1: ERM Roadmap
Due Week 3 and worth 125 points
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with the planning of
CIS 558 Life of the Mind/newtonhelp.com bellflower9
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with the planning of the COBIT compliance project. In terms of the COBIT framework, predict which key areas are likely to be
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Cis 558 Enthusiastic Study / snaptutorial.comStephenson06
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Assignment 1: ERM Roadmap
Due Week 3 and worth 125 points
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with the planning of
CIS 558 Life of the Mind/newtonhelp.com bellflower9
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with the planning of the COBIT compliance project. In terms of the COBIT framework, predict which key areas are likely to be
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with
For more course tutorials visit
www.tutorialrank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with the planning of the COBIT compliance project. In terms of
CIS 558 Effective Communication - tutorialrank.comBartholomew22
For more course tutorials visit
www.tutorialrank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Cmgt 582 Effective Communication / snaptutorial.comHarrisGeorg12
You are part of a team has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department.
Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the following areas:
• Handling of ethical issues, including security-related legal/regulatory compliance (non-privacy related), intellectual property and licensing
• Compliance with privacy related laws and regulations
For more course tutorials visit
www.newtonhelp.com
Each Part is Answered with approx. 100 words
1. Take a position on whether or not you believe most employees abide by their organization’s AUP. Support your position with an explanation. Propose ways that an organization can enforce this policy.
2. Suppose your department manager accidentally sends you an Excel spreadsheet showing salaries and proposed wage increases of your
For more classes visit
www.snaptutorial.com
You are part of a team has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department.
Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the
For more classes visit
www.snaptutorial.com
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Case Study 1 Mitigating Cloud Computing RisksDue Week 4 and worogglili
Case Study 1: Mitigating Cloud Computing Risks
Due Week 4 and worth 125 points
Imagine you are an Information Security Manager in a medium-sized organization. Your CIO has asked you to prepare a case analysis report and presentation on establishing internal controls in cloud computing. The CIO has seen several resources online which discuss the security risks related to Cloud based computing and storage. One that stood out was located at http://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/Cloud-Computing-Risk-Assessment-A-Case-Study.aspx. You are being asked to summarize the information you can find on the Internet and other sources that are available. Moving forward, the CIO wants to have a firm grasp of the benefits and risks associated with public, private, and hybrid cloud usage. There is also concern over how these systems, if they were in place, should be monitored to ensure not only proper usage, but also that none of these systems or their data have been compromised.
Write a three to four (3-4) page paper in which you:
Provide a summary analysis of the most recent research that is available in this area.
Examine the risks and vulnerabilities associated with public clouds, private clouds, and hybrids. Include primary examples applicable from the case studies you previously reviewed.
Suggest key controls that organizations could implement to mitigate these risks and vulnerabilities.
Develop a list of IT audit tasks that address a cloud computing environment based on the results from the analysis of the case studies, the risks and vulnerabilities, and the mitigation controls.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe the process of performing effective information technology audits and general controls.
Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.
Use technology and information resources to research issues in information technology audit and control.
Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions
Assignment 2: Software Engineering, CMMI, and ITIL
Due W ...
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
CIS 558 Imagine Your Future/newtonhelp.com bellflower51
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with
For more course tutorials visit
www.tutorialrank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Suppose senior management has tasked you with the planning of the COBIT compliance project. In terms of
CIS 558 Effective Communication - tutorialrank.comBartholomew22
For more course tutorials visit
www.tutorialrank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Cmgt 582 Effective Communication / snaptutorial.comHarrisGeorg12
You are part of a team has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department.
Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the following areas:
• Handling of ethical issues, including security-related legal/regulatory compliance (non-privacy related), intellectual property and licensing
• Compliance with privacy related laws and regulations
For more course tutorials visit
www.newtonhelp.com
Each Part is Answered with approx. 100 words
1. Take a position on whether or not you believe most employees abide by their organization’s AUP. Support your position with an explanation. Propose ways that an organization can enforce this policy.
2. Suppose your department manager accidentally sends you an Excel spreadsheet showing salaries and proposed wage increases of your
For more classes visit
www.snaptutorial.com
You are part of a team has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department.
Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the
For more classes visit
www.snaptutorial.com
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in the Student Center.
Case Study 1 Mitigating Cloud Computing RisksDue Week 4 and worogglili
Case Study 1: Mitigating Cloud Computing Risks
Due Week 4 and worth 125 points
Imagine you are an Information Security Manager in a medium-sized organization. Your CIO has asked you to prepare a case analysis report and presentation on establishing internal controls in cloud computing. The CIO has seen several resources online which discuss the security risks related to Cloud based computing and storage. One that stood out was located at http://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/Cloud-Computing-Risk-Assessment-A-Case-Study.aspx. You are being asked to summarize the information you can find on the Internet and other sources that are available. Moving forward, the CIO wants to have a firm grasp of the benefits and risks associated with public, private, and hybrid cloud usage. There is also concern over how these systems, if they were in place, should be monitored to ensure not only proper usage, but also that none of these systems or their data have been compromised.
Write a three to four (3-4) page paper in which you:
Provide a summary analysis of the most recent research that is available in this area.
Examine the risks and vulnerabilities associated with public clouds, private clouds, and hybrids. Include primary examples applicable from the case studies you previously reviewed.
Suggest key controls that organizations could implement to mitigate these risks and vulnerabilities.
Develop a list of IT audit tasks that address a cloud computing environment based on the results from the analysis of the case studies, the risks and vulnerabilities, and the mitigation controls.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe the process of performing effective information technology audits and general controls.
Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.
Use technology and information resources to research issues in information technology audit and control.
Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions
Assignment 2: Software Engineering, CMMI, and ITIL
Due W ...
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
CIS 558 Imagine Your Future/newtonhelp.com bellflower51
For more course tutorials visit
www.newtonhelp.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
Assignment 2 Organizational Risk Appetite and Risk AssessmentDu.docxjosephinepaterson7611
Assignment 2: Organizational Risk Appetite and Risk Assessment
Due Week 4 and worth 50 points
Imagine that a software development company has just appointed you to lead a risk assessment project. The Chief Information Officer (CIO) of the organization has seen reports of malicious activity on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. The CIO has asked you to prepare a short document before your team begins working. She would like for you to provide an overview of what the term “risk appetite” means and a suggested process for determining the risk appetite for the company. Also, she would like for you to provide some information about the method(s) you intend to use in performing a risk assessment.
Write a two to three page paper in which you:
1. Analyze the term “risk appetite”. Then, suggest at least one practical example in which it applies.
2. Recommend the key method(s) for determining the risk appetite of the company.
3. Describe the process of performing a risk assessment.
4. Elaborate on the approach you will use when performing the risk assessment.
5. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
· This course requires use of Strayer Writing Standards (SWS). The format is different than other Strayer University courses. Please take a moment to review the SWS documentation for details.
· Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
· Describe the components and basic requirements for creating an audit plan to support business and system considerations.
· Describe the parameters required to conduct and report on IT infrastructure audit for organizational compliance.
· Use technology and information resources to research issues in security strategy and policy formation.
· Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.
Assignment 3: Evaluating Access Control Methods
Due Week 6 and worth 50 points
Imagine that you are the Information Systems Security Specialist for a medium-sized federal government contractor. The Chief Security Officer (CSO) is worried that the organization's current methods of access control are no longer sufficient. In order to evaluate the different methods of access control, the CSO requested that you research: mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC). Then, prepare a report addressing positive and negative aspects of each access control me.
erm Paper Managing an IT Infrastructure AuditDue Week 10 and woeleanorabarrington
erm Paper: Managing an IT Infrastructure Audit
Due Week 10 and worth 210 points
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan.
You must submit all four (4) sections as separate files for the completion of this assignment.
Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Imagine you are an Information Security Manager for a large national retailer. You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two week IT audits.
In addition to the typical networking and Internetworking infrastructure of a medium-sized organization, the organization has the following characteristics:
They have a main office and 268 stores in the U.S.
They utilize a cloud computing environment for storage and applications.
Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012.
They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters.
They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building.
They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners.
They enable wireless access at the main office and the stores.
They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
a. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment.
Note
: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
a. Risk management
b. System Software and Applications
c. Wireless Networking
d ...
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Ethnobotany and Ethnopharmacology:
Ethnobotany in herbal drug evaluation,
Impact of Ethnobotany in traditional medicine,
New development in herbals,
Bio-prospecting tools for drug discovery,
Role of Ethnopharmacology in drug evaluation,
Reverse Pharmacology.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
1. CIS 558 Week 3 Assignment 1 ERM Roadmap (2
Papers)
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in
the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Assignment 1: ERM Roadmap
Due Week 3 and worth 125 points
The following material may be useful for the completion of this
assignment. You may refer to the documents titled “Embracing
Enterprise Risk Management: Practical Approaches for Getting
Started” and “Developing Key Risk Indicators to Strengthen
Enterprise Risk Management”, located at http://www.coso.org/-
ERM.htm.
Imagine you are an Information Technology Manager employed by a
business that needs you to develop a plan for an effective Enterprise
Risk Management (ERM) program. In the past, ERM has not been a
priority for the organization. Failed corporate security audits, data
breaches, and recent news stories have convinced the Board of
Directors that they must address these weaknesses. As a result, the
2. CEO has tasked you to create a brief overview of ERM and provide
recommendations for establishing an effective ERM program that will
be used as a basis to address this area moving forward.
Write a three to four (3-4) page paper in which you:
1. Summarize the COSO Risk Management Framework and COSO’s
ERM process.
2. Recommend to management the approach that they need to take to
implement an effective ERM program. Include the issues and
organizational impact they might encounter if they do not implement
an effective ERM program.
3. Analyze the methods for establishing key risk indicators (KRIs).
4. Suggest the approach that the organization needs to take in order to
link the KRIs with the organization’s strategic initiatives.
5. Use at least three (3) quality resources in this assignment (in
addition to and that support the documents from the COSO Website
referenced in this assignment). Note: Wikipedia and similar Websites
do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12),
with one-inch margins on all sides; citations and references must
follow APA or school-specific format. Check with your professor for
any additional instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date.
The cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this
assignment are:
• Describe the COSO enterprise risk management framework.
• Describe the process of performing effective information technology
audits and general controls.
• Use technology and information resources to research issues in
information technology audit and control.
• Write clearly and concisely about topics related to information
technology audit and control using proper writing mechanics and
technical style conventions.
3. *******************************************************
CIS 558 Week 4 Case Study 1 Mitigating Cloud
Computing Risks (2 Papers)
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
Week 4 Case Study 1
Students, please view the "Submit a Clickable Rubric Assignment" in
the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Case Study 1: Mitigating Cloud Computing Risks
Due Week 4 and worth 125 points
Imagine you are an Information Security Manager in a medium-sized
organization. Your CIO has asked you to prepare a case analysis
report and presentation on establishing internal controls in cloud
computing. The CIO has seen several resources online which discuss
the security risks related to Cloud based computing and storage. One
that stood out was located at http://www.isaca.org/Journal/Past-
Issues/2011/Volume-4/Pages/Cloud-Computing-Risk-Assessment-A-
Case-Study.aspx. You are being asked to summarize the information
you can find on the Internet and other sources that are available.
Moving forward, the CIO wants to have a firm grasp of the benefits
and risks associated with public, private, and hybrid cloud usage.
There is also concern over how these systems, if they were in place,
should be monitored to ensure not only proper usage, but also that
none of these systems or their data have been compromised.
4. Write a three to four (3-4) page paper in which you:
1. Provide a summary analysis of the most recent research that is
available in this area.
2. Examine the risks and vulnerabilities associated with public clouds,
private clouds, and hybrids. Include primary examples applicable
from the case studies you previously reviewed.
3. Suggest key controls that organizations could implement to
mitigate these risks and vulnerabilities.
4. Develop a list of IT audit tasks that address a cloud computing
environment based on the results from the analysis of the case studies,
the risks and vulnerabilities, and the mitigation controls.
5. Use at least three (3) quality resources in this assignment. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12),
with one-inch margins on all sides; citations and references must
follow APA or school-specific format. Check with your professor for
any additional instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date.
The cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this
assignment are:
• Describe the process of performing effective information technology
audits and general controls.
• Describe the various general controls and audit approaches for
software and architecture to include operating systems,
telecommunication networks, cloud computing, service-oriented
architecture and virtualization.
• Use technology and information resources to research issues in
information technology audit and control.
• Write clearly and concisely about topics related to information
technology audit and control using proper writing mechanics and
technical style conventions
*******************************************************
5. CIS 558 Week 6 Assignment 2 Software
Engineering, CMMI, and ITIL (2 Papers)
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
Realizing that an organization’s CMMI level impacts an organization’
s success on requests for proposals (RFPs), your CIO wants to get the
software development processes to CMMI level 3. Your organization
has started developing software applications and database systems for
their customers. The CIO wants to ensure that the software
development and database development processes are being properly
managed and audited, and he wants to ensure that the organization
begins taking the necessary steps to progress to CMMI level 3. In
preparation for your response, review the CMMI information
available at the Carnegie Mellon Website.
IT managers will commonly manage software development and
systems integration activities. Write a 3 page paper in which you:
Describe the software engineering process, the challenges in
managing software development activities, and the potential interface
issues from the software development perspective.
Analyze the CMMI levels and define a roadmap that the organization
will ned to follow in order to get their software development
processes to CMMI level three. Note: This is important because the
CMMI level that an organization achieves impacts their software
development reputation.
6. Explain the auditing tasks that must be performed in order to achieve
level 3.
Determine the continuous assurance auditing activities that the
organization will need to implement to help achieve CMMI level
three.
Analyze the ITIL service management guidelines and principles.
Examine how ITIL service management practices relate to CMMI
levels and continuous service auditing.
Use at least four (4) quality resources in this assignment.
Note: Wikipedia and similar Websites do not qualify as quality
resources.
*******************************************************
CIS 558 Week 7 Case Study 2 HIPAA and IT
Audits (2 Papers)
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Papers
Case Study 2: HIPAA and IT Audits
Due Week 7 and worth 75 points
Imagine you are a CIO at a medium-sized hospital, and you have been
asked by the CEO to provide a case analysis report that will be
provided to the senior leadership in the organization. They are
concerned about the HIPAA Security and Privacy Rules and its
impact on the organization. Unfamiliar with the details of HIPAA,
you begin looking at the information provided by the Department of
7. Health and Human Services. Specifically, you are asked to provide an
analysis on the summary of the cases.
Section 1. Written Paper
Many organizations have been fined significant amounts for non-
compliance with HIPAA. To help ensure that your organization
remains in compliance with HIPAA regulations you have been asked
to write a three (3) page paper in which you:
1a. Create an overview of the HIPAA Security Rule and Privacy Rule.
Include an explanation of the resolution process when a case is
reported.
1b. Analyze the major types of incidents and breaches that occur
based on the cases reported.
1c. Analyze the technical controls and the non-technical controls that
are needed to mitigate the identified risks and vulnerabilities.
1d. Analyze and describe the network architecture that is needed
within an organization, including a medium-sized hospital, in order to
be compliant with HIPAA regulations.
1e. Analyze how a medium-sized hospital is similar to and different
from other non-medical organizations in regards to HIPAA
compliance.
1f. List the IT audit steps that need to be included in the
organization’s overall IT audit plan to ensure compliance with
HIPAA rules and regulations.
1g. Use at least four (4) quality resources in this assignment. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12),
with one-inch margins on all sides; citations and references must
follow APA or school-specific format. Check with your professor for
any additional instructions.
Section 2. Network Architecture
8. 2a. Create a network architecture diagram (using Visio or an open-
source equivalent to Visio for creating diagrams), based on the
description of the network architecture that you defined above for the
organization to be compliant with HIPAA regulations.
2b. Include in the diagram the switches, routers, firewalls, IDS/IPS,
and any other devices needed for a compliant network architecture.
*******************************************************
CIS 558 Week 10 Term Paper Managing an IT
Infrastructure Audit (2 Papers)
For more classes visit
www.snaptutorial.com
This Tutorial contains 2 Term Papers
Term Paper: Managing an IT Infrastructure Audit
This assignment consists of four (4) sections: an internal IT audit
policy, a management plan, a project plan, and a disaster recovery
plan. You must submit all four (4) sections as separate files for the
completion of this assignment. Label each file name according to the
section of the assignment it is written for. Additionally, you may
create and /or assume all necessary assumptions needed for the
completion of this assignment.
Imagine you are an Information Security Manager for a large national
retailer. You have been hired to be directly responsible for the
planning and oversight of IT audits. At the request of the Board of
Directors, the CEO has tasked you with developing a plan for
conducting regular audits of the IT infrastructure. The planning and
management aspects of IT audit are critical to the overall success of
9. the audit, and as a result, the overall success of the systems
implemented within the organization. You must develop a policy for
conducting IT audits and develop a project plan for conducting two
week IT audits.
In addition to the typical networking and Internetworking
infrastructure of a medium-sized organization, the organization has
the following characteristics:
• They have a main office and 268 stores in the U.S.
• They utilize a cloud computing environment for storage and
applications.
• Their IT infrastructure includes Cisco workgroup and core switches,
Cisco routers, Cisco firewalls and intrusion prevention systems, and
servers running Microsoft Windows Server 2012.
• They have over 1000 desktops and approximately 500 organization-
owned laptops in the main headquarters.
• They allow employees to bring their own devices into the
organization; however, they are subject to being searched upon entry
and exit from the building.
• They enable remote access to corporate information assets for
employees and limited access to extranet resources for contractors and
other business partners.
• They enable wireless access at the main office and the stores.
• They process an average of 67.2 credit card transactions per hour
every day at each location and via their corporate Website.
•
Section 1: Internal IT Audit Policy
Write a three to four (3-4) page paper in which you:
1. Develop an Internal IT Audit Policy, which includes at a minimum:
2. Overview
b. Scope
c. Goals and objectives
d. Compliance with applicable laws and regulations
e. Management oversight and responsibility
f. Areas covered in the IT audits
g. Frequency of the audits
h. Use at least two (2) quality resources in this assignment. Note:
Wikipedia and similar Websites do not qualify as quality resources.
10. Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
2. Explain the management plan for conducting IT audits, including:
3. Risk management
b. System Software and Applications
c. Wireless Networking
d. Cloud Computing
e. Virtualization
f. Cybersecurity and Privacy
g. BCP and DRP
h. Network Security
i. Use at least three (3) quality resources in this assignment. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Section 3: Project Plan
Use Microsoft Project or an Open Source alternative, such as Open
Project to:
3. Develop a project plan which includes the applicable tasks for each
of the major areas listed below for each element of the IT audit
mentioned above; plan for the audit to be a two (2) week audit.
4. Risk management
b. System software and applications
c. Wireless networking
d. Cloud computing
e. Virtualization
f. Cybersecurity and privacy
g. Network security
Section 4: Disaster Recovery Plan
Write a five to seven (5-7) page paper in which you:
4. Develop a disaster recovery plan (DRP) for recovering from a
major incident or disaster affecting the organization.
5. The organization must have no data loss.
b. The organization must have immediate access to organizational
data in the event of a disaster.
c. The organization must have critical systems operational within 48
hours.
11. d. Include within the DRP the audit activities needed to ensure that
the organization has an effective DRP and will be able to meet the
requirements stated above.
e. Use at least three (3) quality resources in this assignment. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12),
with one-inch margins on all sides; citations and references must
follow APA or school-specific format. Check with your professor for
any additional instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date.
The cover page and the reference page are not included in the required
assignment page length.
*******************************************************