Question

In: Operations Management

Question: “AUDIT OF A FACILITY'S/SITE'S IT SECURITY”

1. List 5 overall audit goals for this audit

2. Describe the scope of the audit i.e. how big, broad, and deep the audit will be in terms of topics to be audited.

3. List 5 Critical success factors that you consider essential for the security to be considered “effective/successful” at this facility.

4. List 5 “things that could go wrong” with the security.

5. List 5 “Key performance indicators” (KPIs) that will help guide you in determining how well the application system is being effective/successful.

6. For the specific part of the audit that deals with “Off-premise backup and recovery of data”, list 5 specific audit program steps that you will do to accomplish your audit.

Solutions

Expert Solution

  1. Goals of audit:
    1. To provide an assessment of current IT security systems.
    2. To evaluate how well the client services are being used.
    3. To re-evaluate the integrity of security systems.
    4. To update the security patches.
    5. To identify potential areas of improvement.
  2. Scope of audit:
    1. The audit will be done on the systems of the entire site.
    2. IT security services implemented in the past fiscal year will be taken under consideration.
  3. Critical success factors:
    1. All systems must be free from any malware, PUPs, viruses, etc.
    2. All systems must be password protected and these passwords must be changed every 4 weeks.
    3. The IT security architecture should be well defined and have a structured build.
    4. Personal data must be secured.
    5. Access to emails should be highly secure and spam mails must be filtered.
  4. Things that could go wrong:
    1. Entry of malware, PUPs, viruses, etc.
    2. Leakage of sensitive information.
    3. No/weak password protections to systems.
    4. IT security architecture not well defined.
    5. Weak mail security.
  5. Key performance indicators:
    1. Number of reported security breach incidents.
    2. Number of implemented breach preventive measures.
    3. Number of improvement plans implemented.
    4. Number of security tests.
    5. Amount of time taken to resolve a security issue.
