Please boost your Plan to download papers
Security Audit - Essay Example
Author : jaymebayer
Design & Technology
Pages 3 (753 words)
Security Audit: Lafleur Trading Company Introduction Lafleur Trading Company is a multinational concern based in Canada, dealing in wholesale of food items. As part of overall task, a security audit was conducted in respect of information systems incorporated at this organization…
Also, some team members violated integrity and confidentiality assertions by disclosing information to external parties. This paper entails the details and implications of security audit procedures carried out and observations noted. Conducting audit Lafleur has a complicated network of information systems in place, with various remote offices and centralized IT function. Therefore, to evaluate this complex system, detailed audit procedures were planned including manual as well as automated assessments. Manual assessments mainly comprised interviewing procedures, performing physical checks and security scans and reviewing effectiveness of application and logical controls at different levels of organization. We prepared system notes after developing comprehensive understanding of company’s business activities. Thereafter, we conducted meetings with IT personnel to identify weaker areas requiring more attention and discuss IT policies and procedures. An exhaustive review of organogram was conducted to ensure proper segregation of duties were in place between employees holding influential or connected positions such as COO and CIO or programmer and end-user. Automated assessments were computer-aided techniques whereby software was used to assess reporting and change management capabilities of system. ...