Same company of ASS 2
INFORMATION SYSTEM AUDITING
use APA citations intext citation
3 Page
Part 1
Describe the listed risks below for the company you have chosen. You may add to this list to address risks that you find in the company that you have chosen for your Key Assignment.
- Evaluation of Risk Effects Data CIA (Confidentiality, Integrity, and Availability)
- Computer Security and Accessibility
- Fire Risk
- Flooding Damages
- Risk of Stealing or Tampering With Sensitive Data
- Power Failure
- System Administration
- Backup Recovery
Part 2
Develop a checklist that will be used to implement the mitigation to the risk, in Week 4. Following is an example of what should appear on your checklist. Alter this for your chosen company.
- A copy of the last audit report
- System administration of IT accounts
- The installed and updated software and hardware
- List of all incremental backups and daily backups
- List of any new installed IT use policies and rules and regulations
- Data integrity, confidentiality, and usability of how you are implementing this
This list is necessary in adopting a mechanism or a guide to write and apply the audit procedure specified earlier in the audit plan and eventually will produce the report.
links provided by professor
The link to the risk assessment is below (note: this is a general risk assessment and not necessarily related to IT)
https://www.austintexas.gov/sites/default/files/files/HSEM/City%20of%20Austin%20HMAP%20Update-9.15.2021-9.14.2026-PUBLIC%20COPY.pdf
The NIST guide for conducting IT risk assessments
https://www.nist.gov/publications/guide-conducting-risk-assessments
36 types of IT risk
Another risk assessment example – IT focus
https://itsecurity.uiowa.edu/sites/itsecurity.uiowa.edu/files/sampleriskassessmentreport.pdf
