CIS 349 IT Infrastructure Audit for Compliance discussion
Choose an organization you are familiar with and develop an eight to ten page IT infrastructure audit for compliance in which you:
- Define the following items for an organization you are familiar with:
- Scope
- Goals and objectives
- Frequency of the audit
- Duration of the audit
- Identify the critical requirements of the audit for your chosen organization and explain why you consider them to be critical requirements.
- Choose privacy laws that apply to the organization, and suggest who is responsible for privacy within the organization.
- Develop a plan for assessing IT security for your chosen organization by conducting the following:
- Risk management
- Threat analysis
- Vulnerability analysis
- Risk assessment analysis
- Explain how to obtain information, documentation, and resources for the audit.
- Analyze how each of the seven (7) domains aligns within your chosen organization.
- Align the appropriate goals and objectives from the audit plan to each domain and provide a rationale for your alignment.
- Develop a plan that:
- Examines the existence of relevant and appropriate security policies and procedures.
- Verifies the existence of controls supporting the policies.
- Verifies the effective implementation and ongoing monitoring of the controls.
- Identify the critical security control points that must be verified throughout the IT infrastructure, and develop a plan that includes adequate controls to meet high-level defined control objectives within this organization.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
"Looking for a Similar Assignment? Order now and Get 10% Discount! Use Code "GET10" in your order"
