Planning an IT Infrastructure Audit for Compliance.docx
1. CIS: Planning an IT Infrastructure Audit for Compliance
Description Term Paper: Planning an IT Infrastructure Audit for Compliance,Note: Chapter
5 of the required textbook may be helpful in the completion of the assignment. The audit
planning process directly affects the quality of the outcome. A proper plan ensures that
resources are focused on the right areas and that potential problems are identified early. A
successful audit first outlines the objectives of the audit, the procedures that will be
followed, and the required resources. Choose an organization you are familiar with and
develop an eight to ten page IT infrastructure audit for compliance in which you: Define the
following items for an organization you are familiar with: Scope Goals and objectives
Frequency of the audit Duration of the audit Identify the critical requirements of the audit
for your chosen organization and explain why you consider them to be critical
requirements. Choose privacy laws that apply to the organization, and suggest who is
responsible for privacy within the organization. Develop a plan for assessing IT security for
your chosen organization by conducting the following: Risk management Threat analysis
Vulnerability analysis Risk assessment analysis Explain how to obtain information,
documentation, and resources for the audit. Analyze how each of the seven (7) domains
aligns within your chosen organization. Align the appropriate goals and objectives from the
audit plan to each domain and provide a rationale for your alignment. Develop a plan that:
Examines the existence of relevant and appropriate security policies and procedures.
Verifies the existence of controls supporting the policies. Verifies the effective
implementation and ongoing monitoring of the controls. Identify the critical security control
points that must be verified throughout the IT infrastructure, and develop a plan that
includes adequate controls to meet high-level defined control objectives within this
organization. Use at least three (3) quality resources in this assignment. Note: Wikipedia
and similar Websites do not qualify as quality resources.#CIS #Planning #Infrastructure
#Audit #Compliance