CIS 349 IT Infrastructure Audit for Compliance discussion

timer Asked: Mar 8th, 2019
account_balance_wallet $9.99

Question Description

Choose an organization you are familiar with and develop an eight to ten page IT infrastructure audit for compliance in which you:

  1. Define the following items for an organization you are familiar with:
    1. Scope
    2. Goals and objectives
    3. Frequency of the audit
    4. Duration of the audit
  2. Identify the critical requirements of the audit for your chosen organization and explain why you consider them to be critical requirements.
  3. Choose privacy laws that apply to the organization, and suggest who is responsible for privacy within the organization.
  4. Develop a plan for assessing IT security for your chosen organization by conducting the following:
    1. Risk management
    2. Threat analysis
    3. Vulnerability analysis
    4. Risk assessment analysis
  5. Explain how to obtain information, documentation, and resources for the audit.
  6. Analyze how each of the seven (7) domains aligns within your chosen organization.
  7. Align the appropriate goals and objectives from the audit plan to each domain and provide a rationale for your alignment.
  8. Develop a plan that:
    1. Examines the existence of relevant and appropriate security policies and procedures.
    2. Verifies the existence of controls supporting the policies.
    3. Verifies the effective implementation and ongoing monitoring of the controls.
  9. Identify the critical security control points that must be verified throughout the IT infrastructure, and develop a plan that includes adequate controls to meet high-level defined control objectives within this organization.
  10. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Tutor Answer

School: University of Virginia

Hello, please check the solution. Review and in case of a comment informThank you for your time

IT Infrastructure Audit for Compliance
Student’s Name
Course Title
March 12, 2019

The IT audit process refers to a thorough examination of the state of the information
technology department and processes to determine if the resources, behaviors, and activities
which produce the result are efficiently and effectively managed. The IT process audit is more
than just following the trail through department process from start to end product. It is a risk and
vulnerability audit detailing every aspect of the whole process. All processes yield results, and
therefore a process audit needs to be established to ensure that the results generated are as a
result of a process that is effectively managed (Hammer, 2007).
In a process audit, an effective process achieves the intended results as per the process
objectives. An effective process is one in which resources, behaviors, and activities are planned,
controlled and organized in such a manner that the resulting outputs serve the specified
objectives. The process audit puts a focus on the results and is the difference from procedures
audits which focuses on tasks (Hammer, 2007).
The company chosen for the completion of this assignment is Red Clay Renovations.
This is a renowned organization that specializes in renovation as well as rehabilitation of
residential dwellings. The firm specializes in improving the quality of homes using the smart
home as well as the Internet of Things application technologies maintaining correct architectural
characteristics in the renovations. These policies will then be provided for all the company
stakeholders for adoption. The implementation process may yield additional issues that were
uncalled for at the planning stage. The completion of the implementation plan is not a guarantee
for success. Many organizations face unforeseen issues after implementation and at times
become unable to handle the issues. The extra commitment and work that come with the
introducing of new operations and deviation from existing operations are always challenging.

Red clay organization must consider possible issues that may occur after technology
implementation processes.
Improving the quality of homes using the smart home as well as the Internet of Things
application technologies may bring up issues which are not already covered in the planning
phases. This issue must be identified and handled before they affect the business. These issues
could come from any aspect of the system of the business itself. Various security issues have
been identified for the Red clay organization.
The audit details the results of the audit procedure conducted and gives the relating
summaries about the company’s requirements for the audit. The audi...

flag Report DMCA

awesome work thanks

Similar Questions
Related Tags

Brown University

1271 Tutors

California Institute of Technology

2131 Tutors

Carnegie Mellon University

982 Tutors

Columbia University

1256 Tutors

Dartmouth University

2113 Tutors

Emory University

2279 Tutors

Harvard University

599 Tutors

Massachusetts Institute of Technology

2319 Tutors

New York University

1645 Tutors

Notre Dam University

1911 Tutors

Oklahoma University

2122 Tutors

Pennsylvania State University

932 Tutors

Princeton University

1211 Tutors

Stanford University

983 Tutors

University of California

1282 Tutors

Oxford University

123 Tutors

Yale University

2325 Tutors