This document provides guidelines for a term paper assignment to develop an IT infrastructure audit plan for an organization. It specifies that the paper should be 10-15 pages and include defining the scope, goals, frequency of the audit, identifying critical requirements and applicable privacy laws. It also requires developing plans for assessing IT security through risk management, threat analysis, vulnerability analysis and risk assessment. The paper must examine security policies, controls and their implementation and monitoring. It should identify critical security control points and include adequate controls to meet objectives. At least 3 quality resources must be used.