Describe control objective and specific control you evaluate


Homework

You are part of a team selected by the Chief Information Officer (CIO) to perform a security audit for one of the companies explored in this course:

o Devil's Canyon

Create a 10 to 12 slides presentation (not including the title and reference slides) that shows the results of your security audit based on the following audit process:

I. Potential Risk to be Reviewed: Describe the risk.

i. Example: Viruses and malware can negatively impact the confidentiality, integrity, and availability of organizational data.

II. Regulation and Compliance Issues: Analyze how regulations and compliance issues could impact the organization.

i. Provide a detailed analysis of regulations and compliance issues, beyond the simple explanation in score point two.

III. Regulation and Compliance Resources and Tools: Analyze what resources and/or tools are available to address regulations and compliance issues.

IV. Describe the control objective and the specific controls you will evaluate to determine potential risk is mitigated. Note that typically, there will be more than one control that should be reviewed for a potential risk.

i. Example: Determine whether anti-virus software is in use.

ii. Example: Determine whether virus signatures are periodically updated.

iii. Example: Determine whether periodic virus scans are performed.

V. Provide a detailed analysis of the resources and/or tools available, beyond the simple explanation in score point two.

VI. IT Security - Processes and Methods: Differentiate between the various processes and methods involved in management of IT security resources.

i. Review the various options available to address those processes and methods previously explained, and which ones might be feasible.

VII. IT Security - Measures: Analyze the various security measures that could be taken within the organization.

i. Demonstrate a detailed understanding of what the alternatives are to approach security, how much security is needed, different methods to employ, etc.

ii. Describe the criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., what criteria will you use to perform your evaluation/how will you determine that the risk has been mitigated to an acceptable level).

Format your homework according to the following formatting requirements:

i) The answer should be typed, using Times New Roman font (size 12), double spaced, with one-inch margins on all sides.

ii) The response also includes a cover page containing the title of the homework, the student's name, the course title, and the date. The cover page is not included in the required page length.

iii) Also include a reference page. The Citations and references must follow APA format. The reference page is not included in the required page length.

Solution Preview :

Prepared by a verified Expert
Management Information Sys: Describe control objective and specific control you evaluate
Reference No:- TGS03151689

Now Priced at $50 (50% Discount)

Recommended (97%)

Rated (4.9/5)