CIS 349 Planning an IT Infrastructure Audit for Compliance

Strayer CIS 349 Information Technology Audit and Control, Final Term Paper, Planning an IT Infrastructure Audit for Compliance, 26 pages, 4630 words, for Auditing IT Infrastructures for Compliance.
The audit planning process directly affects the quality of the outcome. A proper plan ensures that resources are focused on the right areas and that potential problems are identified early. A successful audit first outlines the objectives of the audit, the procedures that will be followed, and the required resources.


Download Now
(sent via email)



Discussion

Take a position on whether or not you would want to pursue a career as an IT auditor. Explain the key reasons why or why not. Determine if you would recommend this job to your family and friends. Provide a rationale for your response. I would not mind pursuing a career as an auditor, as long as it was for an auditing firm. That way I could see multiple systems in different companies. It would not be the same thing all the time. I would not enjoy it if I was stuck doing the same system(s) repeatedly (like an internal auditor for a company for example). Most of my family or friends do not delve into computers as much as I do, so they would not be interested in such a job. Imagine you are working as an IT auditor. Identify the three (3) best practices you believe would be most useful when conducting audits for various businesses. Justify your choices. Documentation and Policy: I have seen too many times where the ‘Change Management’ procedures were not followed and critical changes were not documented. This created havoc when systems went down and when the repair team tried to work they did not have the current equipment configurations or wiring diagram so the repairs were impeded and it took a lot longer than it should have. Consistency: consistent audits and periodic assessments help ensure that organizations are staying compliant to all the new security requirements. It almost forces them to stay current or else they will be found deficient in the upcoming audit. • Involve the correct personnel: Not everyone could know everything about every system or program, so make sure to include program managers, system admins, and other technical specialists in the audit teams.

Close Menu