This Assignment Consists Of Four Sections
This Assignment Consists Of Four 4 Sections An Internal It Audit Po
This assignment consists of four (4) sections: an internal IT audit policy, a management plan, a project plan, and a disaster recovery plan. You must submit all four (4) sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and/or assume all necessary assumptions needed for the completion of this assignment. Imagine you are an Information Security Manager for a large national retailer.
You have been hired to be directly responsible for the planning and oversight of IT audits. At the request of the Board of Directors, the CEO has tasked you with developing a plan for conducting regular audits of the IT infrastructure. The planning and management aspects of IT audit are critical to the overall success of the audit, and as a result, the overall success of the systems implemented within the organization. You must develop a policy for conducting IT audits and develop a project plan for conducting two-week IT audits.
In addition to the typical networking and internetworking infrastructure of a medium-sized organization, the organization has the following characteristics: They have a main office and 268 stores in the U.S. They utilize a cloud computing environment for storage and applications. Their IT infrastructure includes Cisco workgroup and core switches, Cisco routers, Cisco firewalls and intrusion prevention systems, and servers running Microsoft Windows Server 2012. They have over 1000 desktops and approximately 500 organization-owned laptops in the main headquarters. They allow employees to bring their own devices into the organization; however, they are subject to being searched upon entry and exit from the building. They enable remote access to corporate information assets for employees and limited access to extranet resources for contractors and other business partners. They enable wireless access at the main office and the stores. They process an average of 67.2 credit card transactions per hour every day at each location and via their corporate Website.
Section 1: Internal IT Audit Policy
Develop a three to four (3-4) page paper in which you:
- Develop an Internal IT Audit Policy, which includes at a minimum:
- Overview
- Scope
- Goals and objectives
- Compliance with applicable laws and regulations
- Management oversight and responsibility
- Areas covered in the IT audits
- Frequency of the audits
Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Section 2: Management Plan
Write a four to six (4-6) page paper in which you:
- Explain the management plan for conducting IT audits, including:
- Risk management
- System Software and Applications
- Wireless Networking
- Cloud Computing
- Virtualization
- Cybersecurity and Privacy
- Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
- Network Security
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Section 3: Project Plan
Use Microsoft Project or an open-source alternative such as OpenProject to:
- Develop a project plan that includes applicable tasks for each of the major areas listed below for each element of the IT audit. The plan should outline a two (2) week audit period.
- Risk management
- System software and applications
- Wireless networking
- Cloud computing
- Virtualization
- Cybersecurity and privacy
- Network security
Section 4: Disaster Recovery Plan
Develop a five to seven (5-7) page paper outlining a Disaster Recovery Plan (DRP) for recovering from a major incident or disaster affecting the organization. The DRP must:
- Ensure no data loss
- Allow immediate access to organizational data in the event of a disaster
- Have critical systems operational within 48 hours
- Include within the DRP the audit activities needed to ensure the preparedness and effectiveness of the DRP in meeting the above requirements
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Formatting Requirements
Your submission must follow these formatting guidelines:
- Be typed, double-spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
- Citations and references must follow APA or your institution's preferred formatting style.
- Include a cover page with the assignment title, your name, your professor’s name, course title, and date. The cover page and references are not included in the page count.