CIS 349 RANK Great Stories/cis349rank.com CIS 349 RANK Great Stories/cis349rank.com | Page 26

Goals and objectives
Frequency of the audit
Identify the critical requirements of the audit for your chosen
organization and explain why you consider them to be critical
requirements.
Choose privacy laws that apply to the organization, and suggest who is
responsible for privacy within the organization.
Develop a plan for assessing IT security for your chosen organization
by conducting the following:
Risk management
Threat analysis
Vulnerability analysis
Risk assessment analysis