ComputerScienceExpert
$18/per page/
For this project, there is no template which means that it will be a document you will need to create. I have attached the grading rubric, which will identify what the document(s) will need for full credit.
Thanks
Table of ContentsCompany Overview.....................................................................................................................................1Corporate Governance & Management...................................................................................................1OperaTons...............................................................................................................................................4AcquisiTons.............................................................................................................................................4Legal and Regulatory Environment..........................................................................................................5Policy System...........................................................................................................................................6Risk Management & ReporTng................................................................................................................6I± Security Management..........................................................................................................................7InformaTon ±echnology Infrastructure........................................................................................................8Enterprise Architecture............................................................................................................................8OperaTons Center I± Architecture...........................................................................................................9Field O²ce I± Architecture....................................................................................................................10System InterconnecTons.......................................................................................................................11Tables±able 1. Key Personnel Roster......................................................................................................................3±able 2. Red Clay RenovaTons O²ce LocaTons & Contact InformaTon.......................................................4FiguresFigure 1. Red Clay RenovaTons OrganizaTon Chart.....................................................................................2Figure 2. Overview for Enterprise I± Infrastructure.....................................................................................9Figure 3. I± Architecture for OperaTons Center...........................................................................................90\
Project #4: IT Audit Policy and PlansCompany Background & Operating EnvironmentUse the assigned case study for informaTon about “the company.”Policy Issue & Plan of Action±he corporate board was recently briefed by the Chief InformaTon OFcer concerning thecompany’s I± Security Program and how this program contributes to the company’s risk managementstrategy. During the brie²ng, the CIO presented assessment reports and audit ²ndings from I± securityaudits. ±hese audits focused upon the technical infrastructure and the e³ecTveness and eFciency of thecompany’s implementaTon of security controls. During the discussion period, members of the corporateboard asked about audits of policy compliance and assessments as to the degree that employees were(a) aware of I± security policies and (b) complying with these policies.±he Chief InformaTon OFcer wastasked with providing the following items to the board before its next quarterly meeTng:(a) Issue Speci²c Policy requiring an annual compliance audit for I± security policies asdocumented in the company’s Policy System(b) Audit Plan for assessing employee awareness of and compliance with I± security policiesa.Are employees aware of the I± security policies in the Employee Handbook?b.Do employees know their responsibiliTes under those policies?(c) Audit Plan for assessing the I± security policy systema.Do required policies exist?b.Have they been updated within the past year?c.Are the policies being reviewed and approved by the appropriate oversightauthoriTes (managers, I± governance board, etc.)?Your Task AssignmentAs a sta³ member supporTng the CISO, you have been asked to research this issue (audiTng I±security policy compliance) and then prepare an “approval dra´” for a compliance policy. You must alsoresearch and dra´ two separate audit plans (a) employee compliance and (b) policy system audit. ±heaudit policy should not exceed two typed pages in length so you will need to be concise in your wriTngand only include the most important elements for the policy. Make sure that you include a requirementfor an assessment report to be provided to company management and the corporate board of directors.µor the employee compliance assessment, you must use an interview strategy whichincludes 10 or more mulTple choice quesTons that can be used to construct a web-based survey of all employees. ±he quesTons should be split between (a) awareness ofkey policies and (b) awareness of personal responsibiliTes in regards to compliance.µor the policy system audit, you should use a documentaTon assessment strategy whichreviews the contents of the individual policies to determine when the policy was last
Attachments: