Goals and objectives Frequency of the audit
Identify the critical requirements of the audit for your chosen organization and explain why you consider them to be critical requirements .
Choose privacy laws that apply to the organization , and suggest who is responsible for privacy within the organization .
Develop a plan for assessing IT security for your chosen organization by conducting the following :
Risk management Threat analysis Vulnerability analysis Risk assessment analysis
Explain how to obtain information , documentation , and resources for the audit .
Analyze how each of the seven ( 7 ) domains aligns within your chosen organization .
Develop a plan that : Examines the existence of relevant and appropriate security policies Verifies the existence of controls supporting the policies .
Verifies the effective implementation and ongoing monitoring of the controls .