Question

In: Computer Science

Case- IT Auditing Windows servers are used for all server types (application, web and database delivery)....

Case- IT Auditing

Windows servers are used for all server types (application, web and database delivery). Windows patch updates comply with the change management policy. Windows patches are downloaded to a central patch server. All patches are reviewed and tested prior to deployment to production servers. All approved patches are first deployed to the development servers, then to the test servers and finally to production servers. Although patches occur on Wednesday evening, if a system reboot is required these are not perform until the weekend downtime window. Approval is not required for patch updates for these are considered a normal standard process for ABC. Additionally, prior to deployment all patches are reviewed to ensure they will function with current systems.

Question: What are the Controls and what are the GAPS

Solutions

Expert Solution

Internal control by auditing, is a process for assuring of an organization's objectives in operational effectiveness and efficiency, regulations and policies.

Audit Test of controls is a type of audit examination on the internal control of an entity.Quality of financial statements is significantly depending the control over financial reporting.

Internal controls are procedures implemented by a company to ensure the integrity of financial and accounting information, prevent fraud.

The gap analysis is focused on what is missing in the processes compared to a set of requirements while an internal audit is centered on verifying that the process conforms to the requirements .

A control gap occurs when a control does not exist,Control gaps can relate to the design effectiveness of operating effectiveness of the control.

Process gap means an error in one of the steps but the process can still produce some of the planned output.

venereology answered 4 months ago
Next > < Previous

Related Solutions

A small company network have multiple servers (including a web server, a log server, DNS servers,...
A small company network have multiple servers (including a web server, a log server, DNS servers, a file server for inventory information and customer orders, but no email server) , two firewalls, DMZ, and PCs. The company sales products online. a). Suppose that you are a system administrator. What types of network connections will you allow to be established with the servers in the DMZ from the Internet? b). What are the points of entry for attackers? c). How do...
You need to design a Web Server, Database Server and a Backup server. If you had...
You need to design a Web Server, Database Server and a Backup server. If you had to choose from the following list of resources which ones would you place a priority on and state why you would do so. List these for each server type. Hint: You need to think about the functionality of the server. Based on this information, which resource would you emphasize on the most to increase the performance of the server. CPU utilization and speed Multiprocessing...
Case- IT Auditing The SSO Server is a single purpose server solely designed for SSO and...
Case- IT Auditing The SSO Server is a single purpose server solely designed for SSO and resides in the internal network. Using a batch process, the vendor provides quarterly updates which are downloaded directly to the server and automatically installed by the server’s single purpose operating system. Access to the SSO application is restricted to the security administration staff. The vendor maintains an active account on the server in the event maintenance is required. The vendor accesses the system periodically...
Let's look at the auditing system in Windows Server 2008. What are the characteristics? How do...
Let's look at the auditing system in Windows Server 2008. What are the characteristics? How do you set it up?
Explain the key difference between a web service application and a general client/server application
Explain the key difference between a web service application and a general client/server application
List five types of files (e.g., JS) that have special meaning in web servers/web pages, and...
List five types of files (e.g., JS) that have special meaning in web servers/web pages, and explain briefly the role of each of the file types. explain the hierarchy of network protocols used by web browsers/web servers, starting from the low level (IP) up to the high level (HTTP), with a brief explanation of each one.
unctional Requirements  Design a Windows Forms Application for a movie database providing appropriate controls for...
unctional Requirements  Design a Windows Forms Application for a movie database providing appropriate controls for the following data:  Movie Name  ISBN13 Number (optional)  Release Date  Location (Canadian OR International)  Genre (Action, Biography, Comedy, Drama, Educational, History, Horror, Musical, Mystery, Romance, Sci-Fi, Thriller OR Western)  Rating (1 to 5 stars)  Duration (in minutes)  Price  Support loading and saving of the data for multiple movies to a Sequential Text file  Display...
A systems developer needs to provide machine-to-machine interface between an application and a database server in...
A systems developer needs to provide machine-to-machine interface between an application and a database server in the production environment. This interface will exchange data once per day. Which of the following access control account practices would BEST be used in this situation? A.Establish a privileged interface group and apply read -write permission.to the members of that group. B.Submit a request for account privilege escalation when the data needs to be transferred C.Install the application and database on the same server...
Assume a 2.8 MByte file is being uploaded from a client application to a web server....
Assume a 2.8 MByte file is being uploaded from a client application to a web server. Answer the following questions from the perspective of the protocol stack on the client. a. What protocol is in use at the application layer? b. Is this application layer protocol reliable? c. The application layer hands this 2.8 MByte file to the transport layer. What protocol is in use at the transport layer? d. Is this transport layer protocol reliable? e. Is this transport...
Web Server Infrastructure Web application infrastructure includes sub-components and external applications that provide efficiency, scalability, reliability,...
Web Server Infrastructure Web application infrastructure includes sub-components and external applications that provide efficiency, scalability, reliability, robustness, and most critically, security. The same advancements made in web applications that provide users these conveniences are the same components that criminal hackers use to exploit them. Prudent security administrators need to be aware of how to harden such systems. Use the graphic below to answer the following questions: Stage 1 Stage 2 Stage 3 Stage 4 Stage 5 Client Firewall Web Server...
ADVERTISEMENT
Subjects
ADVERTISEMENT
Latest Questions
ADVERTISEMENT