1 / 60100%
Name
Strayer University
Planning an IT Infrastructure Audit for Compliance
CIS 349 - Information Technology Audit and Control
Term Paper: " Planning an IT Infrastructure Audit for Compliance
Due Week 10 and worth 200 points
Note: " Chapter 5 of the required textbook may be helpful in the completion of the
assignment.
The audit planning process directly affects the quality of the outcome. A proper plan ensures that
resources are focused on the right areas and that potential problems are identified early. A
successful audit first outlines the objectives of the audit, the procedures that will be followed,
and the required resources.
Choose an organization you are familiar with and develop an eight to ten page IT infrastructure
audit for compliance in which you:
1. Which organization has you chosen for this audit, and why? What is the size and scope of
the organization's IT infrastructure?
2. What are the primary objectives of this IT infrastructure audit for compliance? How will
compliance with relevant regulations and standards be assessed?
3. What specific regulations and standards are applicable to the organization's industry and
operations? How does non-compliance with these regulations impact the organization?
4. What specific components of the IT infrastructure will be included in the audit (e.g.,
networks, servers, databases, applications)? Will the audit cover physical and virtual
infrastructure elements?
5. Who will be part of the audit team, and what are their roles and responsibilities? What
resources (tools, software, hardware) will be required for the audit?
6. How will you identify and prioritize potential risks and compliance issues within the IT
infrastructure? What methodologies or frameworks will you use for risk assessment?
7. What specific audit procedures and methodologies will be employed to assess
compliance? How will you gather evidence and documentation during the audit?
8. Will the audit assess the organization's compliance with data protection and privacy
regulations (e.g., GDPR, HIPAA)?
9. How will you evaluate data security measures and policies? What documentation
standards will be used to record findings during the audit?
10. Where and how will you securely store audit documentation and evidence for future
reference?
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
Include a cover page containing the title of the assignment, the student's name, the professor's
name, the course title, and the date. The cover page and the reference page are not included in
the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe the parameters required to conduct and report on IT infrastructure audit for
organizational compliance.
Describe the components and basic requirements for creating an audit plan to support business
and system considerations
Develop IT compliance audit plans
Use technology and information resources to research issues in security strategy and policy
formation.
Write clearly and concisely about topics related to information technology audit and control
using proper writing mechanics and technical style conventions.
Click;here;to view the grading rubric.
Grading for this assignment will be based on answer quality, logic / organization of the paper,
and language and writing skills, using the following rubric.
Points: 200 Term Paper: Planning an IT Infrastructure Audit for Compliance
Criteria Unacceptable
Below 60% F
Meets
Minimum
Expectations
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplary
90-100% A
1. Define
the
following
items for an
organization
you are
familiar
with: a)
Scope;
b)Goals and
objectives;
c)Frequency
Did not submit
or
incompletely
defined the
following
items for an
organization
you are
familiar with:
a) Scope; b)
Goals and
objectives; c)
Insufficiently
defined the
following
items for an
organization
you are
familiar with:
a) Scope; b)
Goals and
objectives; c)
Frequency of
the audit; d)
Partially
defined the
following
items for an
organizatio
n you are
familiar
with: a)
Scope; b)
Goals and
objectives;
c)
Satisfactorily
Students also viewed