Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Auditing it infrastructures for compliance

27/03/2021 Client: saad24vbs Deadline: 2 Day

5/28/2018 Strayer University Bookshelf: Auditing IT Infrastructures for Compliance

https://strayer.vitalsource.com/#/books/9781284104387/cfi/6/40!/4/66/4@0:0 1/23

PRINTED BY: juliehalperson@gmail.com. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted.

Chapter 5 Goals When you complete this chapter, you will be able to:

• Define the scope and frequency of an audit

• Identify the key requirements for an audit

• Understand the importance of risk management in assessing security controls

• Identify the information and resources needed for an IT audit

• Relate the IT security policy framework to the seven domains of IT infrastructure

• Understand why monitoring requirements help with an IT audit

• Identify security control points

• Differentiate between the project management tasks of an IT audit

Defining the Scope, Objectives, Goals, and Frequency of an Audit

The scope, objectives, goals, and frequency of audits are based on a risk assessment. Depending on the risk, the frequency of audits varies. Critical systems controls might need to be monitored more often than noncritical controls. In more high-risk situations, automated or continual audit tests might be considered.

Prior to performing an audit, the auditor should first define the audit scope. The scope includes the area or areas to be reviewed as well as the time period. Experienced auditors know it’s just as important to define what will be audited as it is to define what will not be audited. If scope is not clearly defined, scope creep occurs, likely increasing the auditor’s workload. Scope creep is a term common to projects where the plans or goals expand beyond what was originally intended.

The audit objective is the goal of the audit. Both scope and objective are closely related. For the audit to be effective, the scope must consider the objectives of the audit. Defining scope requires consideration of the personnel, systems, and records relevant to the objective. Time is another consideration dependent upon the objective. The depth and breadth of an audit usually determines the time frame required to meet the objectives.

An external audit of financial controls, for example, will likely have a more narrow scope than an internal audit of information technology (IT) controls. When defining

5/28/2018 Strayer University Bookshelf: Auditing IT Infrastructures for Compliance

https://strayer.vitalsource.com/#/books/9781284104387/cfi/6/40!/4/66/4@0:0 2/23

PRINTED BY: juliehalperson@gmail.com. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted.

the scope, the auditor should consider the controls and processes across the seven domains of IT infrastructure. This includes relevant resources such as the following:

• Data • Applications

• Technology

• Facilities • Personnel

It is important for auditors to ensure the scope is sufficient to achieve the stated objectives. Restrictions placed on the scope could seriously affect the ability to achieve the stated objective. Examples of restrictions that an organization may place on an auditor that could have such a negative impact include the following:

• Not providing enough resources • Limiting the time frame

• Preventing the discovery of audit evidence

• Restricting audit procedures

• Withholding relevant historical records or information about past incidents

Project Management

An audit is a project. As with any project, proper planning is necessary. Auditors should be familiar with the Project Management Institute (PMI), which has created a standard named A Guide to the Project Management Body of Knowledge (PMBOK). This guide provides a well-known and applied framework for managing successful projects.

A project, such as an audit, has three important characteristics. First, a project is temporary. This means it has an identified start and end date. Unlike operations or a program, a project lasts for a finite time period. Second, a project is unique and produces unique results. At the end of the project, a deliverable is produced. Although projects might be similar, the process, resources, constraints, and risks, for example, will differ. Finally, a project is progressively elaborated. Because each project is unique, the process is more dynamic. Projects will occur in separate steps. As the process continues, the next phase becomes clearer.

Projects require someone to manage them. This position is often given the title of project manager. Large projects and even audits might have a dedicated project manager. Other times, the person managing the project might be the project expert. Project management requires the management of three competing needs to achieve the project objectives. Known as the triple constraint, these include scope, cost, and time. Consider, for example, a project with a large scope, but with little time and cost. More than likely, quality will be compromised. A project manager must be aware of all three constraints at the start of and throughout the project.

5/28/2018 Strayer University Bookshelf: Auditing IT Infrastructures for Compliance

https://strayer.vitalsource.com/#/books/9781284104387/cfi/6/40!/4/66/4@0:0 3/23

PRINTED BY: juliehalperson@gmail.com. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted.

Planned audit activities also have a defined rate of occurrence, known as the audit frequency. There are two approaches to determine audit frequency. Audits can occur on an annual basis or every two or three years, depending on regulatory requirements and the determined risk. IT audits also are known for not following a predefined frequency, but instead using a continuous risk-assessment process. This is more appropriate given the fast-paced change in technology as well as the threats and vulnerabilities related to IT.

Identifying Critical Requirements for the Audit

The risk assessment will influence the critical requirements for an IT audit. Overall, there are various types of IT audits. In addition to infrastructure audits for compliance, other examples include audits specific to IT processes, such as governance and software development. Another example includes integrated audits, where financial controls are the focus.

Auditing IT infrastructure for compliance incorporates the evaluation of various types of controls. IT organizations today are concerned with controls relating to both security and privacy. Traditionally, privacy and information security activities are separate activities. The two, however, have become more interrelated, and coordination between the two has become a priority for many organizations. Two major factors contributing to this are regulatory issues and the rapid growth and widespread use of the Web. As a result, both privacy and information security are converging, specifically around compliance issues.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Unique Academic Solutions
Accounting & Finance Mentor
Top Essay Tutor
Top Rated Expert
Math Guru
Supreme Essay Writer
Writer Writer Name Offer Chat
Unique Academic Solutions

ONLINE

Unique Academic Solutions

You can award me any time as I am ready to start your project curiously. Waiting for your positive response. Thank you!

$173 Chat With Writer
Accounting & Finance Mentor

ONLINE

Accounting & Finance Mentor

I am known as Unrivaled Quality, Written to Standard, providing Plagiarism-free woork, and Always on Time

$144 Chat With Writer
Top Essay Tutor

ONLINE

Top Essay Tutor

I have read and understood all your initial requirements, and I am very professional in this task.

$51 Chat With Writer
Top Rated Expert

ONLINE

Top Rated Expert

I have read and understood all your initial requirements, and I am very professional in this task.

$89 Chat With Writer
Math Guru

ONLINE

Math Guru

I have read your project details. I can do this within your deadline.

$41 Chat With Writer
Supreme Essay Writer

ONLINE

Supreme Essay Writer

I have read and understood all your initial requirements, and I am very professional in this task.

$122 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

305 Knowledge Management - Shadow health abdominal assessment pdf - Sizzla bad mind nah go stop we - Clawson's diamond model of leadership - Rational expressions and functions unit test - Difference matters communicating social identity 2nd edition pdf - Sabas company has 20000 shares - Nucor corporation case study analysis - Cloud Computing - CIS 502 Discussions 2 & 3 - Global expansion project - Integral by changing to polar coordinates - Famous lines from waiting for godot - Band saw safety procedures - Bioethics-324 - Thermal fluid system design ( report & PowerPoint) - Ge - Writting - Please read question in comment section - Leadership as a vocation - Beaconsfield primary school review - The secrets to successful strategy execution summary - PHILL - Popsicle stick chain reaction explanation - Greek word for choice - Mark knopfler jerry seinfeld - Trojan horse psw generic11 nyj - Essay - A basic dye is utilized to stain bacterial cells - Kent state housing contract renewal - A history of the modern world palmer pdf - Powerpoint presentation about a famous person - Vocab level e unit 5 - Iprofile nutrition software free - Critical thinking - Issa case study steve - Julian secret agent comprehension questions - The ccpm dilemma case study - Yunnan lucky air case study answers - Tengo que hacerlas mañana - Silver company makes a product that is very popular - The little prince of course i ll hurt you - Riddle vault of horus dominoes solution - Hmong 18 clan council bride price - Phoenix MGT 526 Signature Assignment: Organization Presentation - Price elasticity of demand worksheet with answers - P2147 fuel injector group 'a' supply voltage circuit low - Research Method Project 2 - What is 30 percent of 14000 - Seven pages essay - Discussion - Coca cola goals and objectives - Westan corporation uses a predetermined overhead rate - UbD Practice: Stage 3, Activities - Commonwealth bank eftpos support - Ethical decision making paper scenario 1 - Mealworm lab report - Electron dot diagram worksheet with answers - Knox park primary school - Jo koy ex wife jennifer santillan - Answer discussion question in 175 words or less - Deborah hutton hats stockists - Emerging Threats and Counter Measures on Cyber Security - Introduction to dc circuits lab - First Draft of a Rhetorical Analysis - Fennell v robson excavations - Closing the knowledge gap is an essential skill for the DNP practice scholar. Reflect upon your application of evidence-based practice and professional formation to consider the following: - Theoretical framework - Health illness continuum theory - Drugged high on alcohol worksheet answers - Vba practice note 62 - Example of received view in nursing - Igcse spanish past papers - Composition of functions worksheet - Part 3 - 5 classes of vertebrates - Project 4 - Research paper. DUE TODAY 10/8/2020 - Explorations in conceptual chemistry activity 6a answers - Beckman coulter ceq 8000 - What are the components of health - Apple inc compensation for employees - Speciality packaging corporation case study solution - Format of manufacturing and trading account in excel - Officer precinct structure plan - Smugmug rex tranter - How to reference aasw practice standards - Themes of remember the titans - Brisbane city council subdivision and development guidelines - Information Technology Project Management - Conniver in a sentence - Leadership - Summerland credit union term deposit rates - Legacy of the first blade magistrate or doctor - Practice test 1 scoring - There will come soft rains answer key - Discussion - 1 - Legal Reg, Compliance, Invest - Section 131 quicken loans arena - Abstract - Pebble pad utas login