Your CEO has become
increasingly concerned with the cybersecurity and privacy issues and incidents
over the past few years, including lost laptops, data leakage incidents, stolen
PII from major companies, such as Sony Playstation, wireless network vulnerabilities,
remote access issues, and others. Though these incidents have not occurred in
the organization, the CEO is concerned that employee and customer data is not
properly protected. He needs a policy that addresses cybersecurity and privacy
auditing and a plan for conducting the audits. Thus, as the Information
Security Manager in this medium-sized organization, imagine you have been
IT audit tasks for cybersecurity and privacy.
to senior leadership for approval, which includes at a minimum:
Goals and objectives
applicable laws and regulations
Areas covered in the
Frequency of the
Use at least three (3)
quality resources in this assignment. Note: Wikipedia and similar Websites do
not qualify as quality resources.
Your assignment must follow these formatting
Be typed, double
spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format.
Check with your professor for any additional instructions.
Include a cover page
containing the title of the assignment, the student’s name, the professor’s
name, the course title, and the date. The cover page and the reference page are
not included in the required assignment page length.
The specific course learning outcomes
associated with this assignment are:
Describe the process
of performing effective information technology audits and general controls.
Explain the role of
cybersecurity privacy controls in the review of system processes.
Discuss and develop
strategies that detect and prevent fraudulent business practices.
Use technology and
information resources to research issues in information technology audit and
Write clearly and
concisely about topics related to information technology audit and control
using proper writing mechanics and technical style conventions.