Goals and objectives Frequency of the audit
Identify the critical requirements of the audit for your chosen organization and explain why you consider them to be critical requirements.
Choose privacy laws that apply to the organization, and suggest who is responsible for privacy within the organization.
Develop a plan for assessing IT security for your chosen organization by conducting the following:
Risk management Threat analysis Vulnerability analysis Risk assessment analysis
Explain how to obtain information, documentation, and resources for the audit.
Analyze how each of the seven( 7) domains aligns within your chosen organization.
Develop a plan that: Examines the existence of relevant and appropriate security policies Verifies the existence of controls supporting the policies.
Verifies the effective implementation and ongoing monitoring of the controls.