Explain how to obtain information , documentation , and resources for the audit .
Analyze how each of the seven ( 7 ) domains aligns within your chosen organization .
Develop a plan that :
Examines the existence of relevant and appropriate security policies and procedures .
Verifies the existence of controls supporting the policies .
Verifies the effective implementation and ongoing monitoring of the controls .
Identify all critical security control points that must be verified throughout the IT infrastructure , and develop a plan that include adequate controls to meet high-level defined control objectives within this organization .