Purpose
This project provides an opportunity for you to apply principles related to auditing to ensure information systems are in compliance with pertinent laws and regulations, as well as industry requirements.
Learning Objectives and Outcomes
You will be able to:
Introduction
Public and private sector companies are expected to comply with many laws and regulations as well as industry requirements to promote information security. Assessments and audits of the information technology (IT) environment help to ensure a company is in compliance. A successful information security professional must be able to assess a business’s needs, evaluate various standards and frameworks, and develop a customized, integrated internal control system that addresses the company’s compliance responsibilities. Furthermore, the professional must be able to communicate with various people—both inside and outside the organization—to facilitate awareness of how control activities mitigate weaknesses or potential losses that could compromise the company’s information security.
Deliverables
The project is divided into three parts.