Security Audit - Essay Example

Only on StudentShare

Extract of sample
Security Audit

Also, some team members violated integrity and confidentiality assertions by disclosing information to external parties. This paper entails the details and implications of security audit procedures carried out and observations noted. Conducting audit Lafleur has a complicated network of information systems in place, with various remote offices and centralized IT function. Therefore, to evaluate this complex system, detailed audit procedures were planned including manual as well as automated assessments. Manual assessments mainly comprised interviewing procedures, performing physical checks and security scans and reviewing effectiveness of application and logical controls at different levels of organization. We prepared system notes after developing comprehensive understanding of company’s business activities. Thereafter, we conducted meetings with IT personnel to identify weaker areas requiring more attention and discuss IT policies and procedures. An exhaustive review of organogram was conducted to ensure proper segregation of duties were in place between employees holding influential or connected positions such as COO and CIO or programmer and end-user. Automated assessments were computer-aided techniques whereby software was used to assess reporting and change management capabilities of system. ...
Download paper

Summary

Security Audit: Lafleur Trading Company Introduction Lafleur Trading Company is a multinational concern based in Canada, dealing in wholesale of food items. As part of overall task, a security audit was conducted in respect of information systems incorporated at this organization…
Author : jaymebayer

Related Essays

Security Technology
Security cameras are one aspect of business security that is commonly used across many different business types. Often a number of video cameras transmit their signals to a specific point, frequently a set of monitors. This system is known as closed-circuit television (CCTV) the name derives from the fact that although a television signal is produced it is not transmitted openly, and as a consequence cannot be picked up by exterior parties (Levine, 2000). The term CCTV can be technically used to refer to most types of video cameras; however, it is generally used to apply to those that are...
8 pages (2008 words) Essay
The Security Professional and their role in Emergency, Disaster and Contingency Planning
It also explains the measures and techniques that the security professional use to handle different emergencies or disasters. An emergency refers to an unforeseen combination of circumstances whose resulting states of nature require immediate attention and actions. An emergency may be serious to the extent that if no immediate attention is provided, it can result to crucial and fatal situations. A contingency, on the other hand, refers to an event that has the possibility of either occurring or not occurring in the future as predicted. A disaster can occur if people live near hazardous areas...
16 pages (4016 words) Essay
Technology Support System For Homeland Security Program
Former Senator Rudman views the department to be a needed “formulation” in spite of the existing of great Army, Marine Corps and Air Force (2003). However, in assessing the organization and mission of the DHS, this proposal sees the agency to be wanting in resources and capacity along the aspects of independent mobilization and focus of initiatives. Organizationally, the DHS has to correlate with federal agencies to be able to mobilize anti-terrorism initiatives; it also lacks the integrated mechanism so that the department can effectively interface with the anti-terrorism network of...
12 pages (3012 words) Assignment
Data Governance, Quality, Integration, and Security
Although these aspects are closely interrelated within a system, addressing and improving them independently results in better performance of the system as a whole (Arens, Chee, Hsu & Knoblock, 1993). Data Governance Data governance encompasses a set of procedures ensuring that important assets in data form are properly managed in all divisions of an enterprise (Abiteboul, Benjelloun & Milo, 2002). The processes ensure that data is trustworthy and employees can be held accountable for any harmful occurrences that take place due to low quality of data. The organization under review was found...
4 pages (1004 words) Essay
Asset Inventory
Account Management Procedure Avoid transmission of un encrypted sensitive data Software Application and Operating system software Exploitation of faults in application and operating system software $2,000,000 High Malicious use, Unauthorized use and System compromise Change Management Standard High 0.8 Low 0.05 0.2 LOW $24,000 IT System Interoperability Security Standard Patches and updates from a reliable sources Hardware Internal server Hardware Issues/Equipment Failure or loss Loss or theft of data from server $8,000, 000 Vital System Unavailable Data Backup and System Restore Standard High...
5 pages (1255 words) Essay
iAM Application
This is very crucial when the end user wants to make payments using his or her online payments methods. With iAM, the user will be guaranteed making secure payments because the user is authorized with his identity and he can easily interact with the application at ensuring that all factors are taken into consideration that allow only the right access. With the advancements in technology in different sectors, iAM application has proved to be essential and used in allowing keyless access to homes, office, parking, cars as well as the ability of igniting engines. Using this application, users are...
27 pages (6777 words) Essay
NFC Security Issues: A Case Study
Particularly, this form of technology is quite popular in advanced nations such as Japan (Gordon & British Computer Society, 2007). However, according to various studies that have been conducted into the technology, especially in the UK by a team of researchers from Surrey University, an alarm is fast being raised about the security risks involved with the same, particularly with regard to the safety of private information of a client that is stored in it. This is because, the likely threats that arise are when the transmission for payments are made, which can be a few meters away from the...
6 pages (1506 words) Case Study
Got a tricky question? Receive an answer from students like you! Try us!