Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Auditing it infrastructures for compliance

27/03/2021 Client: saad24vbs Deadline: 2 Day

5/28/2018 Strayer University Bookshelf: Auditing IT Infrastructures for Compliance

https://strayer.vitalsource.com/#/books/9781284104387/cfi/6/40!/4/66/4@0:0 1/23

PRINTED BY: juliehalperson@gmail.com. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted.

Chapter 5 Goals When you complete this chapter, you will be able to:

• Define the scope and frequency of an audit

• Identify the key requirements for an audit

• Understand the importance of risk management in assessing security controls

• Identify the information and resources needed for an IT audit

• Relate the IT security policy framework to the seven domains of IT infrastructure

• Understand why monitoring requirements help with an IT audit

• Identify security control points

• Differentiate between the project management tasks of an IT audit

Defining the Scope, Objectives, Goals, and Frequency of an Audit

The scope, objectives, goals, and frequency of audits are based on a risk assessment. Depending on the risk, the frequency of audits varies. Critical systems controls might need to be monitored more often than noncritical controls. In more high-risk situations, automated or continual audit tests might be considered.

Prior to performing an audit, the auditor should first define the audit scope. The scope includes the area or areas to be reviewed as well as the time period. Experienced auditors know it’s just as important to define what will be audited as it is to define what will not be audited. If scope is not clearly defined, scope creep occurs, likely increasing the auditor’s workload. Scope creep is a term common to projects where the plans or goals expand beyond what was originally intended.

The audit objective is the goal of the audit. Both scope and objective are closely related. For the audit to be effective, the scope must consider the objectives of the audit. Defining scope requires consideration of the personnel, systems, and records relevant to the objective. Time is another consideration dependent upon the objective. The depth and breadth of an audit usually determines the time frame required to meet the objectives.

An external audit of financial controls, for example, will likely have a more narrow scope than an internal audit of information technology (IT) controls. When defining

5/28/2018 Strayer University Bookshelf: Auditing IT Infrastructures for Compliance

https://strayer.vitalsource.com/#/books/9781284104387/cfi/6/40!/4/66/4@0:0 2/23

PRINTED BY: juliehalperson@gmail.com. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted.

the scope, the auditor should consider the controls and processes across the seven domains of IT infrastructure. This includes relevant resources such as the following:

• Data • Applications

• Technology

• Facilities • Personnel

It is important for auditors to ensure the scope is sufficient to achieve the stated objectives. Restrictions placed on the scope could seriously affect the ability to achieve the stated objective. Examples of restrictions that an organization may place on an auditor that could have such a negative impact include the following:

• Not providing enough resources • Limiting the time frame

• Preventing the discovery of audit evidence

• Restricting audit procedures

• Withholding relevant historical records or information about past incidents

Project Management

An audit is a project. As with any project, proper planning is necessary. Auditors should be familiar with the Project Management Institute (PMI), which has created a standard named A Guide to the Project Management Body of Knowledge (PMBOK). This guide provides a well-known and applied framework for managing successful projects.

A project, such as an audit, has three important characteristics. First, a project is temporary. This means it has an identified start and end date. Unlike operations or a program, a project lasts for a finite time period. Second, a project is unique and produces unique results. At the end of the project, a deliverable is produced. Although projects might be similar, the process, resources, constraints, and risks, for example, will differ. Finally, a project is progressively elaborated. Because each project is unique, the process is more dynamic. Projects will occur in separate steps. As the process continues, the next phase becomes clearer.

Projects require someone to manage them. This position is often given the title of project manager. Large projects and even audits might have a dedicated project manager. Other times, the person managing the project might be the project expert. Project management requires the management of three competing needs to achieve the project objectives. Known as the triple constraint, these include scope, cost, and time. Consider, for example, a project with a large scope, but with little time and cost. More than likely, quality will be compromised. A project manager must be aware of all three constraints at the start of and throughout the project.

5/28/2018 Strayer University Bookshelf: Auditing IT Infrastructures for Compliance

https://strayer.vitalsource.com/#/books/9781284104387/cfi/6/40!/4/66/4@0:0 3/23

PRINTED BY: juliehalperson@gmail.com. Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted.

Planned audit activities also have a defined rate of occurrence, known as the audit frequency. There are two approaches to determine audit frequency. Audits can occur on an annual basis or every two or three years, depending on regulatory requirements and the determined risk. IT audits also are known for not following a predefined frequency, but instead using a continuous risk-assessment process. This is more appropriate given the fast-paced change in technology as well as the threats and vulnerabilities related to IT.

Identifying Critical Requirements for the Audit

The risk assessment will influence the critical requirements for an IT audit. Overall, there are various types of IT audits. In addition to infrastructure audits for compliance, other examples include audits specific to IT processes, such as governance and software development. Another example includes integrated audits, where financial controls are the focus.

Auditing IT infrastructure for compliance incorporates the evaluation of various types of controls. IT organizations today are concerned with controls relating to both security and privacy. Traditionally, privacy and information security activities are separate activities. The two, however, have become more interrelated, and coordination between the two has become a priority for many organizations. Two major factors contributing to this are regulatory issues and the rapid growth and widespread use of the Web. As a result, both privacy and information security are converging, specifically around compliance issues.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Unique Academic Solutions
Accounting & Finance Mentor
Top Essay Tutor
Top Rated Expert
Math Guru
Supreme Essay Writer
Writer Writer Name Offer Chat
Unique Academic Solutions

ONLINE

Unique Academic Solutions

You can award me any time as I am ready to start your project curiously. Waiting for your positive response. Thank you!

$173 Chat With Writer
Accounting & Finance Mentor

ONLINE

Accounting & Finance Mentor

I am known as Unrivaled Quality, Written to Standard, providing Plagiarism-free woork, and Always on Time

$144 Chat With Writer
Top Essay Tutor

ONLINE

Top Essay Tutor

I have read and understood all your initial requirements, and I am very professional in this task.

$51 Chat With Writer
Top Rated Expert

ONLINE

Top Rated Expert

I have read and understood all your initial requirements, and I am very professional in this task.

$89 Chat With Writer
Math Guru

ONLINE

Math Guru

I have read your project details. I can do this within your deadline.

$41 Chat With Writer
Supreme Essay Writer

ONLINE

Supreme Essay Writer

I have read and understood all your initial requirements, and I am very professional in this task.

$122 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Go fund me lucas mcculley - Losing Isiah Case Study - Hdpe vs ldpe production - German present perfect verb list - Analysis of hydrogen peroxide solution lab answers - David gorin leslie jamison - 1020 hull street suite 300 baltimore md 21230 - Refrigeration oil cross reference - Purdue owl semicolon exercises - Problem Solving, Creativity and Solution Setting - Examples of diction in the devil in the white city - 39118 calle bonita green valley ca 91390 - Learn luther king house - Contrast the five bases of power - The red fox fur coat analysis - How many birchbox subscribers are there - Integers and absolute value powerpoint - Robert frost nothing gold can stay - Oracle reports parameter form - Week 10- tariffs on imports - 15 7 as a mixed number - The eye of the storm movie - First and second stop micropipette - Need early tomorrow - Corey corey and callanan decision making model - S/4hana self-service procurement configuration cookbook - Discussion 150 words - Scion hero character sheet - Miller dynasty 200 help codes - Week 3 Project - Walt disney company pricing strategy - Types of group behaviour pdf - Romeo's friend who tries to make peace - Hundred flowers slaughter confusing a gentleman's heart - 34 pin connector on motherboard - Chapter 10 Discussion - (1) Preparing a power point Review of 400 word for each 8 chapters (Forrester, shadow of Justice) - 1.43 repeating as a fraction - Build private cloud using openstack - Reaction of carbonyl compounds with grignard reagent - Monopolies are socially inefficient because the price they charge is - Adirondack white pine cabins - Rules for adding s and es - Solve 3x 2 5x 1 0 using the quadratic formula - Case Study-Advanced Patho Wk2 - An Organization's External Environment - Discipline and punishment difference - Roll a d6 lyrics - Queensland bdm transcription service - Pay for Performance (P4P) - Is lizzy greene related to joan cusack - Air force gap year - Week 6 Biology - Cats are better than dogs persuasive - Twas the night before christmas left right game - Case study treatment plan example - Daphnia heart rate lab answers - 747 bus timetable aberdeen - Air force master training plan example - Sectioning in engineering drawing ppt - British airways restructures its entire organization - An electron with an initial velocity - What does the word root gastr refer to - Critique of research article - Time series analysis notes - Pride and ferrell marketing 2016 pdf - COVID-19 Environmental Impact Report - What is an epiphany moment - Basis point value calculation caiib - The sibeon and the sibotre - Year 2 curriculum queensland - Hells angels clubhouse coquitlam - Allmen labour hire newcastle - 150 words - Government - Curriculum planning and development division - Plant and animal cell venn diagram - Binary to excess 3 code - Professional Ethics - Color brave ted talk - National core standards definition - Cloud Computing - Miles hodges 11 things i shoulda said - Cable pull through jeff nippard - Junior sea cadets uniform - Library Media - Cube faces and edges - Philosophy unit 6 paper - What is my gotra - Strategic supply chain management and logistics assignment - Family day care consultant - Source comparison worksheet - Los invitados / no / querer / esperar / en la fiesta - Lewis dot diagram for mg - Safe work industry module - Can trade discounts be taken on freight - Sleep and rest practices in childcare - Convert grams cm3 to lbs in3 - 2008 pdhpe hsc exam - Wireless plc communication with gsm module