Term Paper: Planning an IT Infrastructure Audit for Compliance

Note: Chapter 5 of the required textbook may be helpful in the completion of the assignment.

The audit planning process directly affects the quality of the outcome. A proper plan ensures that resources are focused on the right areas and that potential problems are identified early. A successful audit first outlines the objectives of the audit, the procedures that will be followed, and the required resources.

Choose an organization you are familiar with and develop an eight to ten page IT infrastructure audit for compliance in which you:

1. Define the following items for an organization you are familiar with:
   1. Scope
   2. Goals and objectives
   3. Frequency of the audit
   4. Duration of the audit
   1. Risk management
   2. Threat analysis
   3. Vulnerability analysis
   4. Risk assessment analysis
   1. Examines the existence of relevant and appropriate security policies and procedures.
   2. Verifies the existence of controls supporting the policies.
   3. Verifies the effective implementation and ongoing monitoring of the controls.

   Your assignment must follow these formatting requirements:

   • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
   • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

   The specific course learning outcomes associated with this assignment are:

   • Describe the parameters required to conduct and report on IT infrastructure audit for organizational compliance.
   • Describe the components and basic requirements for creating an audit plan to support business and system considerations
   • Develop IT compliance audit plans
   • Use technology and information resources to research issues in security strategy and policy formation.
   • Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.