CONTROL STRUCTURES: AUDITING
Effective planning and well-defined structure must be a part of an audit policy for it to work properly. As IT professionals, we do not have to monitor everything because we do not want to stress system resources with unmanageable data. Therefore, it is important to identify the most meaningful events and activities that should be audited within an organization having in mind the needs of the organization.
In this Case Assignment, you are required to read the articles listed as required in the background page about the auditing process.
When you’ve read the required articles and conducted additional research on the optional readings and other readings you find interesting, please compose a short (4-5 pages without counting the cover and references) paper on the topic:
How to conduct the best IT and Information Security Audits. How the Maturity Model of COBIT can help an IS Audit.
Below are some questions for you to think about to help you get started:
- Clarify the differences between information systems auditing and information security auditing.
- Explain the criteria for setting up priorities and scope for auditing
- What is COBIT? You can refer to Cobit 4 which is available for free but remember that the latest version is Cobit 5.
- How can COBIT help in the IT auditing process?
- What is the maturity model used in COBIT?
Remember, you do not have to explicitly answer these questions in your assignment. You should think about these questions and then integrate your thoughts into a well-organized paper that answers to the primary question.
For writing help, refer to the Trident University International Student Guide to Writing a High-Quality Academic Paper
Length: Follow the number of pages required in the assignment excluding cover page and references. Each page should have about 300 words.
Your assignment will be evaluated based on the Rubric.