Conduct an IT audit of the ICT department a company and recommend controls for improvement. The purpose of this project is to provide you with hands-on experience in conducting an IT audit of a real-world organization, and to develop skills in identifying weaknesses in IT systems and recommending controls to mitigate risks. 1. Conduct the audit using industry-standard auditing frameworks and tools. The audit should cover areas such as network security, data backup and recovery, access controls, and software management but you may not access protected data. You can however ask the administrator questions about these. 2. Based on the results of the audit, prepare a report outlining your findings and recommendations for improving the ICT department's IT controls. Recommendations should be prioritized based on the level of risk posed by each control weakness, and should take into account the university's budget and resources. 3. In addition to the written report, you will be required to deliver a presentation of your findings to assessors, highlighting key areas of concern and their proposed controls for improvement.
Conduct an IT audit of the ICT department a company and recommend controls for improvement. The purpose of this project is to provide you with hands-on experience in conducting an IT audit of a real-world organization, and to develop skills in identifying weaknesses in IT systems and recommending controls to mitigate risks. 1. Conduct the audit using industry-standard auditing frameworks and tools. The audit should cover areas such as network security, data backup and recovery, access controls, and software management but you may not access protected data. You can however ask the administrator questions about these. 2. Based on the results of the audit, prepare a report outlining your findings and recommendations for improving the ICT department's IT controls. Recommendations should be prioritized based on the level of risk posed by each control weakness, and should take into account the university's budget and resources. 3. In addition to the written report, you will be required to deliver a presentation of your findings to assessors, highlighting key areas of concern and their proposed controls for improvement.
Management Of Information Security
6th Edition
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:WHITMAN, Michael.
Chapter10: Planning For Contingencies
Section: Chapter Questions
Problem 2E
Related questions
Question
Conduct an IT audit of the ICT department a company and recommend
controls for improvement. The purpose of this project is to provide you with hands-on experience in conducting an IT audit
of a real-world organization, and to develop skills in identifying weaknesses in IT systems and
recommending controls to mitigate risks.
1. Conduct the audit using industry-standard auditing frameworks and tools.
The audit should cover areas such as network security, data backup and recovery, access
controls, and software management but you may not access protected data. You can however ask
the administrator questions about these.
2. Based on the results of the audit, prepare a report outlining your findings and
recommendations for improving the ICT department's IT controls.
Recommendations should be prioritized based on the level of risk posed by each control
weakness, and should take into account the university's budget and resources.
3. In addition to the written report, you will be required to deliver a presentation of your
findings to assessors, highlighting key areas of concern and their proposed controls for
improvement.
Expert Solution
This question has been solved!
Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.
Step by step
Solved in 3 steps
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Recommended textbooks for you
Management Of Information Security
Computer Science
ISBN:
9781337405713
Author:
WHITMAN, Michael.
Publisher:
Cengage Learning,
Principles of Information Systems (MindTap Course…
Computer Science
ISBN:
9781305971776
Author:
Ralph Stair, George Reynolds
Publisher:
Cengage Learning
Systems Architecture
Computer Science
ISBN:
9781305080195
Author:
Stephen D. Burd
Publisher:
Cengage Learning
Management Of Information Security
Computer Science
ISBN:
9781337405713
Author:
WHITMAN, Michael.
Publisher:
Cengage Learning,
Principles of Information Systems (MindTap Course…
Computer Science
ISBN:
9781305971776
Author:
Ralph Stair, George Reynolds
Publisher:
Cengage Learning
Systems Architecture
Computer Science
ISBN:
9781305080195
Author:
Stephen D. Burd
Publisher:
Cengage Learning