Question

In: Accounting

Assuming that your group is a team of IT auditors who have just got an assignment to audit information logging of servers of a company. You have known that logs are important for information systems operation and security because logs can be used to detect unauthorized access, identify unfavorable trends, and provide data for determining the root cause of system failures. Your supervisor asked you to (1) find out what system activities are to be logged according to commonly used policies or standards. (Hint: Use the internet to search for commonly used policies or standards. Then, list the system activities in your answer. The source of the list should be included in your answer.) (2) verify whether the company maintains all those necessary logs defined in (1). (Hint: Describe the audit procedure(s) you will use to accomplish this task) (3) find out what are the necessary elements of a system log, such as user ID. (4) examine whether the system logs actually include the necessary elements (Hint: Describe the audit procedure(s) you will use to accomplish this task) (5) verify whether these logs are regularly reviewed (Hint: Describe the audit procedure(s) you will use to accomplish this task)

Solutions

Expert Solution

Internal audit typically has three phases: planning, testing and reporting. Every audit begins with the definition of the scope of the audit. Once the scope is defined, the audit plan is laid out with the inputs and data requirements, and the analysis and sampling of input data are based on deviations and material observations. The audit initially begins with the sample data and is then extended based on the audit findings.

Logging provides a record of events related to IT systems and processes. Every recorded log is an independent entry with information about the event, such as time stamp, user ID, IP address and approval level.

The organization generates audit trails and logs to reconstruct the following events:

  • All individual user access to cardholder data
  • All actions taken by any individual with root or administrative privileges
  • Access to audit trails
  • Invalid logical access attempts
  • Use of identification and authentication mechanisms
  • Initialization of audit logs
  • Creation & deletion of system level objects

An organization records the audit trail with the following elements:

  • user identification
  • type of event
  • date & time
  • success or failure indication
  • origination of event
  • identity or name of affected data, system component or resource

Audit Planning

  • The auditor develops an initial audit plan draft.
  • Auditor meets the relevant department officials to review audit program and define key inputs and stakeholders.
  • Management provides the data as requested by the auditor
  • Auditor drafts the internal audit program plan.
  • Auditor shares the plan with management who agree or modify the same based on mutual arrangement.

Audit Testing

  • Auditor evaluates information on logging, monitoring and reporting policies and procedures.
  • Stakeholders of the relevant departments conduct walk-throughs of the entire process and of the checks and controls in place
  • Auditor evaluates the quality of information, reliability and consistency of the inputs shared.
  • Auditor assesses logging, monitoring & reporting performance metrics
  • Auditor evaluates whether logging, monitoring and reporting controls are satisfactory or not
  • Auditor defines tests to confirm the operational effectiveness
  • Auditor identifies and recommends scope of improvement and observations
  • There's a final meeting with the relevant stakeholders to share the test results and feedback on overall review

Audit Standard Practices & Procedures

  • Service Level Monitoring & Reporting - The organization continuously monitors identified service level performance and provides status reports to the management
  • Access Control - It includes information access tracking, account management, account change notification, account access supervision & review, remote access tracking, wireless access tracking, tracking on portable & network devices and system use notification
  • System Logging & Monitoring - It includes log monitoring, analysis & reporting and log retention
  • Security Assessment & Accreditation - Periodic tests and audits as per COBIT, ISO, NIST and relevant standards
  • Change & Configuration Management - It includes change control, monitoring configuration changes & information change detection
  • Identification & Authentication - Authenticator Management across all forms of access; tokens, PKI certificates, biometrics, passwords, key cards etc.
  • Incident Response - Incident tracking, response, reporting, support and monitoring
  • System Maintenance - System maintenance tool tracking & remote maintenance monitoring
  • Media Protection - Media access monitoring & control, media preservation & media sanitization monitoring
  • Infrastructure Protection - Infrastructure monitoring with a log of events to enable investigation, understanding of the sequence of operations, impacting events and other activities
  • Physical Protection - Physical access tracking, visitor tracking, visitor access log reviews, internal climate control & Third Party Security Monitoring
  • Systems & Communications Protection - Boundary monitoring, mobile code monitoring and VoIP monitoring
  • Account Management - Automation, remote access monitoring, wireless access monitoring, portable devices and cardholder data
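As an added example of an audit test for step (4), not part of the original question or the expert's answer, the Python script below checks a constructed sample of log records against the six audit-trail elements listed in the answer and produces the exception counts an auditor would record in a working paper. The JSON-lines format and the field names (`user_id`, `event_type`, and so on) are assumptions, not the company's actual log format.

```python
import json

# Elements an audit-trail entry should carry, per the list in the answer above.
REQUIRED_ELEMENTS = {
    "user_id": "user identification",
    "event_type": "type of event",
    "timestamp": "date & time",
    "outcome": "success or failure indication",
    "origin": "origination of event",
    "target": "affected data, component or resource",
}

# Constructed sample records in a hypothetical JSON-lines format (not real data).
SAMPLE_LOG_LINES = [
    '{"timestamp":"2024-03-01T08:15:02Z","user_id":"jdoe","event_type":"login",'
    '"outcome":"success","origin":"10.0.0.5","target":"vpn-gateway"}',
    '{"timestamp":"2024-03-01T08:16:40Z","event_type":"file_read",'
    '"outcome":"success","origin":"10.0.0.5","target":"/data/cardholder.db"}',
    '{"timestamp":"2024-03-01T08:17:11Z","user_id":"root","event_type":"sudo",'
    '"outcome":"","origin":"10.0.0.9","target":"/etc/shadow"}',
    'Mar  1 08:18:00 host sshd[1]: Accepted publickey for admin',
]

def missing_elements(entry):
    """Labels of the required elements that are absent or empty in one record."""
    return [label for key, label in REQUIRED_ELEMENTS.items()
            if entry.get(key) in (None, "")]

def audit_log_sample(lines):
    """Test every sampled line; unparseable lines are exceptions in their own right."""
    report = {"total": len(lines), "unparseable": 0, "complete": 0,
              "missing_counts": {label: 0 for label in REQUIRED_ELEMENTS.values()},
              "exceptions": []}  # (line number, list of findings)
    for number, line in enumerate(lines, start=1):
        try:
            entry = json.loads(line)
            if not isinstance(entry, dict):
                raise ValueError("record is not an object")
        except ValueError:  # JSONDecodeError is a subclass of ValueError
            report["unparseable"] += 1
            report["exceptions"].append((number, ["not a parseable record"]))
            continue
        gaps = missing_elements(entry)
        if not gaps:
            report["complete"] += 1
            continue
        for label in gaps:
            report["missing_counts"][label] += 1
        report["exceptions"].append((number, gaps))
    return report
```

Run it over a statistically chosen sample from each server in scope; the per-element counts show whether a gap is systematic (a logging configuration defect) or isolated.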
