What is the role of an internal IT audit group in an organization? Why is having such a group important for an organization and why should it report outside the normal IT reporting channels?
What are at least three questions that you would ask to perform basic threat modeling for a field other than health care? Base your response on the information found in the AHC Media article (2009). Discuss your reasons for picking the questions you use.