Briefing Statement for IT Security Audit PlanChoose one of your two audit plans employee awareness of IT security policies assessment of the IT policy system Prepare a one page briefing statement for the IT Governance board which explains the purpose of the audit and provides the following details: who will conduct the audit (and why) what will be covered by the audit (and why) when will the audit be conducted (does that date/time have significance to the organization (i.e., fiscal year end?)) where will the audit be conducted (locations) (and why) how will be audit be conducted (what audit process?) Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting. Make sure you also use the discussion rubric when creating this response to ensure you have all the required elements.

    IT Defence Audit Plan

    There is want to engage an audit of employee apprisedness coercion IT defence policies to assess inside govern mechanism. An IT defence device addresses the requisite aspects including confidentiality, candor, and availability (Peltier, 2016).   Hence, the audit has to envelop integral three elements to evaluate whether the employees are apprised of the defence policies in IT. This to-boot necessitate inhibiting of the defence measures laid down coercion any violationes and what can be enacted to obviate a reoccurrence of a homogeneous accident in the forthcoming. To-boot, this protects the organization’s understandledge from life avenueed by distrusted individuals. Inside auditors can enact the audit to understand the ductile points touching defence and sound to obviate a defence violation from occurring by educating the employees on the uncertain IT defence policies.

    The audit should meet an evaluation on whether the classifications entertain been avenueed by distrusted verificationrs by inhibiting the power and efficiency of bulky measures. It is life-supporting to inhibit whether changes to the goods were spended in the alienate manner; that is, by inhibiting if the defence classifications in the actions are in method with what is established by the Indussound defence protocols. To-boot, it inhibits the specify of the action in which the employees pass their computers and how the codes are progressive at ensound equalize. This is an inside audit; for-this-reason, it can be spended on a monthly caverification to settle how the employees are complying with the policies. At the purpose of the year, exterior auditors who are likely and certified may spend a re-examination and prove bulky specify of IT apprisedness and defence policies (Safa, Von and Furnell, 2016).

    The audit is to be spended at the workplace to penetrate every  individual with avenue. It to-boot passs defence inhibits on the ruleors and on the networks profitable (Bulgurcu, Cavusoglu and Benbasat, 2010). The audit rule is spended through the verification questionnaires and interviews natant the employees. To-boot, the auditors should spend inhibits on network insecurity, gratuitous classification and governs.



    Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Understandledge defence device docility: an experimental examine of rationality-based beliefs and understandledge defence apprisedness. MIS Quarterly, 34(3), 523-548.

    Peltier, T. R. (2016). Knowledge Defence Policies, Procedures, and Standards: guidelines coercion talented understandledge defence administration. CRC Press.

    Safa, N. S., Von Solmss, R., & Furnell, S. (2016). Understandledge defence device docility mould in organizations. Computers & defence, 56, 70-82.