ASG 3


 Same company of ASS 2 

INFORMATION SYSTEM AUDITING 

 use APA citations intext citation 

3 Page 

Part 1

Describe the listed risks below for the company you have chosen. You may add to this list to address risks that you find in the company that you have chosen for your Key Assignment.

  1. Evaluation of Risk Effects Data CIA (Confidentiality, Integrity, and Availability)
  2. Computer Security and Accessibility
  3. Fire Risk
  4. Flooding Damages
  5. Risk of Stealing or Tampering With Sensitive Data
  6. Power Failure
  7. System Administration
  8. Backup Recovery

Part 2

Develop a checklist that will be used to implement the mitigation to the risk, in Week 4. Following is an example of what should appear on your checklist. Alter this for your chosen company.

  1. A copy of the last audit report
  2. System administration of IT accounts
  3. The installed and updated software and hardware
  4. List of all incremental backups and daily backups
  5. List of any new installed IT use policies and rules and regulations
  6. Data integrity, confidentiality, and usability of how you are implementing this

This list is necessary in adopting a mechanism or a guide to write and apply the audit procedure specified earlier in the audit plan and eventually will produce the report.

links provided by professor 

The link to the risk assessment is below (note: this is a general risk assessment and not necessarily related to IT)

https://www.austintexas.gov/sites/default/files/files/HSEM/City%20of%20Austin%20HMAP%20Update-9.15.2021-9.14.2026-PUBLIC%20COPY.pdf

The NIST guide for conducting IT risk assessments

https://www.nist.gov/publications/guide-conducting-risk-assessments

36 types of IT risk

Another risk assessment example – IT focus

https://itsecurity.uiowa.edu/sites/itsecurity.uiowa.edu/files/sampleriskassessmentreport.pdf