IT Security and Audit Paper – Due ASAP

/in /by

Case Study 1: COBIT Framework
Due Week 3 and worth 70 points

Control Objectives for Information and related Technology (COBIT) is an IT control framework that allows IT management to develop clear policies and apply good practices. COBIT is a business-focused, process-oriented, controls-based, and measurement-driven structure that helps align IT with the business requirements. Imagine your organization was recently assessed by a third party and the results are addressed in the article titled “ Social Engineering, the USB Way” located at http://www.darkreading.com/security/article/208803634/index.html. In an attempt to mitigate future risks identified in the assessment, complete the following requirements:

Write a three to five (3-5) page paper in which you:

  1. Develop an IT security policy statement for your organization that addresses the following:
    1. social engineering
    2. malware
    3. the use of external storage devices on organizational equipment
    4. the education and training of users
  2. Explain and defend your proposed security policy statement.
  3. Suggest three (3) automated and / or physical controls to be incorporated into the IT infrastructure that support your proposed security policy statement.
  4. Analyze how the implemented controls would be monitored and evaluated for the purpose of effectiveness.

Develop a PowerPoint Presentation with a minimum of five (5) slides in which you:

  1. Define social engineering, malware, and removable storage devices.
  2. Identify the potential risks of social engineering, malware, and removable storage devices.
  3. Describe how the organization intends to combat the potential risks of social engineering, malware, and removable storage devices.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

  • Explain the use of standards and frameworks in a compliance audit of an IT infrastructure.
  • Use technology and information resources to research issues in security strategy and policy formation.
  • Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions

"Is this question part of your assignment? We can help"

ORDER NOW