FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT governance focus areas: strategic alignment, value delivery, risk management, resource management, and performance management
1. CIS 558 Week 1 Discussion COBIT Planning
FOR MORE CLASSES VISIT
www.cis558rank.com
“COBIT Planning” Please respond to the following:
Describe how organizations establish the five (5) COBIT IT
governance focus areas: strategic alignment, value delivery, risk
management, resource management, and performance management
Suppose senior management has tasked you with the planning of the
COBIT compliance project. In terms of the COBIT framework,
predict which key areas are likely to be problematic to implement.
Suggest at least two (2) possible solutions to these problematic areas.
==============================================
CIS 558 Week 1-11 All DQs
FOR MORE CLASSES VISIT
www.cis558rank.com
CIS 558 Week 1 Discussion COBIT Planning
CIS 558 Week 2 Discussion Question Developing an ERM plan
CIS 558 Week 3 Discussion Mitigating Wireless Risk
2. CIS 558 Week 4 Discussion Obstacles to CMMI Development
CIS 558 Week 5 Discussion Automated Auditing
CIS 558 Week 6 Discussion Audit Project Control”
CIS 558 Week 7 Discussion Identity and Access Management
CIS 558 Week 8 Discussion Effective Disaster Recovery Plans
CIS 558 Week 9 Discussion Change and Patch management
CIS 558 Week 10 Discussion Quality Assurance and Auditing
Standards
CIS 558 Week 11 Discussion Course Conclusion and Summary
==============================================
CIS 558 Week 2 Discussion Question Developing an ERM
plan
FOR MORE CLASSES VISIT
www.cis558rank.com
“Developing an ERM plan” Please respond to the following:
From a management perspective, decide which key policies and
procedures one should consider as the starting point when developing
an ERM plan for an organization. Defend your position.
Provide a list of essential personnel whom you believe should be
involved in creating and maintaining an ERM plan for an
organization. Describe the role of each person. Suggest a timeline for
3. establishing an ERM plan, giving your opinion on how frequently the
plan should be reviewed.
==============================================
CIS 558 Week 3 Assignment 1 ERM Roadmap (2 Papers)
FOR MORE CLASSES VISIT
www.cis558rank.com
This Tutorial contains 2 Papers
CIS 558 Week 3 Assignment 1 ERM Roadmap
Week 3 Assignment 1
Students, please view the "Submit a Clickable Rubric Assignment" in
the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Assignment 1: ERM Roadmap
Due Week 3 and worth 125 points
The following material may be useful for the completion of this
assignment. You may refer to the documents titled “Embracing
Enterprise Risk Management: Practical Approaches for Getting
Started” and “Developing Key Risk Indicators to Strengthen
Enterprise Risk Management”, located at http://www.coso.org/-
ERM.htm.
4. • Write clearly and concisely about topics related to information
technology audit and control using proper writing mechanics and
technical style conventions.
==============================================
CIS 558 Week 3 Discussion Mitigating Wireless Risk
FOR MORE CLASSES VISIT
www.cis558rank.com
“Mitigating Wireless Risk” Please respond to the following:
Suggest two (2) of the risks and two (2) of the benefits associated
with the implementation of wireless networks.
For each of the risks, provide key suggestions for mitigating or
eliminating those risks from an auditor’s perspective. Suggest key
methods for measuring the effectiveness of your solutions.
==============================================
CIS 558 Week 4 Case Study 1 Mitigating Cloud Computing
Risks (2 Papers)
FOR MORE CLASSES VISIT
www.cis558rank.com
This Tutorial contains 2 Papers
Week 4 Case Study 1
5. Students, please view the "Submit a Clickable Rubric Assignment" in
the Student Center.
Instructors, training on how to grade is within the Instructor Center.
Case Study 1: Mitigating Cloud Computing Risks
Due Week 4 and worth 125 points
Imagine you are an Information Security Manager in a medium-sized
organization. Your CIO has asked you to prepare a case analysis
report and presentation on establishing internal controls in cloud
computing. The CIO has seen several resources online which discuss
the security risks related to Cloud based computing and storage.
• Write clearly and concisely about topics related to information
technology audit and control using proper writing mechanics and
technical style conventions
==============================================
CIS 558 Week 4 Discussion Obstacles to CMMI
Development
FOR MORE CLASSES VISIT
www.cis558rank.com
“Obstacles to CMMI Development” Please respond to the following:
Elaborate on three (3) of the obstacles that must be overcome as a
business moves up the CMMI model. Suggest key methods for
overcoming the obstacles you have identified.
6. Describe the measurable benefits of progressing up the CMMI model.
From an auditing perspective, determine the manner in which these
benefits might be observed.
==============================================
CIS 558 Week 5 Discussion Automated Auditing
FOR MORE CLASSES VISIT
www.cis558rank.com
“Automated Auditing” Please respond to the following:
CAATTs can be helpful when dealing with immense amounts of data.
However, developing a CAATT system can be time consuming.
Argue for or against the use of CAATT systems.
Identify the key elements of building an effective CAATT system.
Elaborate on two (2) challenges faced when designing an effective
CAATT system, and suggest possible solutions to these problems.
==============================================
CIS 558 Week 6 Assignment 2 Software Engineering, CMMI,
and ITIL (2 Papers)
FOR MORE CLASSES VISIT
www.cis558rank.com
This Tutorial contains 2 Papers
7. Realizing that an organization’s CMMI level impacts an organization’
s success on requests for proposals (RFPs), your CIO wants to get the
software development processes to CMMI level 3. Your organization
has started developing software applications and database systems for
their customers. The CIO wants to ensure that the software
development and database development processes are being properly
managed and audited, and he wants to ensure that the organization
begins taking the necessary steps to progress to CMMI level 3. In
preparation for your response, review the CMMI information
available at the Carnegie Mellon Website.
Note: Wikipedia and similar Websites do not qualify as quality
resources.
==============================================
CIS 558 Week 6 Discussion Audit Project Control
FOR MORE CLASSES VISIT
www.cis558rank.com
“Audit Project Control” Please respond to the following:
Compare and contrast an IT Audit project with other projects which
might be found in an IT department. Describe two (2) challenges that
are unique to IT Audit projects. Suggest an approach to mitigate each
challenge you selected.
Based on the challenges identified, describe the controls that the
project manager would need to implement in order to overcome
potential project control issues.
==============================================
8. CIS 558 Week 7 Case Study 2 HIPAA and IT Audits (2
Papers)
FOR MORE CLASSES VISIT
www.cis558rank.com
This Tutorial contains 2 Papers
Case Study 2: HIPAA and IT Audits
Due Week 7 and worth 75 points
Imagine you are a CIO at a medium-sized hospital, and you have been
asked by the CEO to provide a case analysis report that will be
provided to the senior leadership in the organization. They are
concerned about the HIPAA Security and Privacy Rules and its
impact on the organization. Unfamiliar with the details of HIPAA,
you begin looking at the information provided by the Department of
Health and Human Services. Specifically, you are asked to provide an
analysis on the summary of the cases.
Section 1. Written Paper
Many organizations have been fined significant amounts for non-
2b. Include in the diagram the switches, routers, firewalls, IDS/IPS,
and any other devices needed for a compliant network architecture.
==============================================
CIS 558 Week 7 Discussion Identity and Access Management
FOR MORE CLASSES VISIT
9. www.cis558rank.com
“Identity and Access Management” Please respond to the following:
Analyze the identity and access management approach that
organizations need to implement to effectively control access to their
systems. Explain how the identity and access management approach
would be influenced by the type of organization and its size.
For a small- to medium-sized business concerned about IT budget,
determine the identity and access management practices you would
recommend. In contrast, for a large organization that is extremely
concerned about protecting corporate information assets, determine
the identity and access management practices you would recommend.
Provide a rationale for your responses.
==============================================
CIS 558 Week 8 Discussion Effective Disaster Recovery
Plans
FOR MORE CLASSES VISIT
www.cis558rank.com
“Effective Disaster Recovery Plans” Please respond to the following:
Disaster recovery planning is essential for a business to survive when
unexpected events impact daily operations. Determine the areas of
disaster recovery planning and preparedness you believe
organizations are often lacking. Provide a rationale for your response.
10. Analyze and describe the key controls, especially non-technical
controls, which would ensure a business is prepared for a disaster.
Elaborate on the impact that a disaster might have on the auditing
process.
==============================================
CIS 558 Week 9 Discussion Change And Patch Management
FOR MORE CLASSES VISIT
www.cis558rank.com
CIS 558 Week 9 Discussion “Change and Patch management”
Analyze it change management and patch management processes
needed within organization identify 3 challenges organizations face
when implementing change and patch management processes for the
first time, make suggestions to address these challenges
==============================================
CIS 558 Week 10 Discussion Quality Assurance and Auditing
Standards
FOR MORE CLASSES VISIT
www.cis558rank.com
“Quality Assurance and Auditing Standards” Please respond to the
following:
11. Describe the actions an organization needs to execute in order to
improve their quality assurance and auditing processes within the
organization.
Create a list of at least five (5) auditing best practices for
organizations to follow when implementing their quality assurance
auditing programs.
Select the auditing best practices you feel are most difficult to
implement and offer means of addressing them.
==============================================
CIS 558 Week 10 Term Paper Managing an IT
Infrastructure Audit (2 Papers)
FOR MORE CLASSES VISIT
www.cis558rank.com
This Tutorial contains 2 Term Papers
Term Paper: Managing an IT Infrastructure Audit
This assignment consists of four (4) sections: an internal IT audit
policy, a management plan, a project plan, and a disaster recovery
plan. You must submit all four (4) sections as separate files for the
completion of this assignment. Label each file name according to the
section of the assignment it is written for. Additionally, you may
create and /or assume all necessary assumptions needed for the
completion of this assignment.
Imagine you are an Information Security Manager for a large national
retailer. You have been hired to be directly responsible for the
12. planning and oversight of IT audits. At the request of the Board of
Directors, the CEO has tasked you with developing a plan for
conducting regular audits of the IT infrastructure. The planning and
management aspects of IT audit are critical to the overall success of
the audit, and as a result, the overall success of the systems
implemented within the organization. You must develop a policy for
conducting IT audits and develop a project plan for conducting two
week IT audits.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date.
The cover page and the reference page are not included in the
required assignment page length.
==============================================
CIS 558 Week 11 Discussion Course Conclusion and
Summary
FOR MORE CLASSES VISIT
www.cis558rank.com
Course Conclusion and Summary” Please respond to the following:
You have just completed 10 weeks of an information technology audit
and control course. Imagine you have been asked to create a one (1)
day training course highlighting the important elements of what you
have just learned in the past ten weeks.
Create a hierarchy of five (no more or no less) of the most important
topics that you feel need to be addressed in this one (1) day course
that best fits the course title of “Information Technology Audit and
13. Control: The Essentials Presented in One Day.” Give a detailed
rationale for each of the five (5) topics.
Using 140 characters or less (the length of a Tweet), summarize the
importance of this class to someone unfamiliar with th
==============================================