Scribd Logo
Upload

Welcome to Scribd!

  • Audit Plan 2011-Public

    Uploaded by

    norizzuddin
    12 views1 page
    The audit plan outlines seven areas to review in 2011, including the effectiveness of the internet perimeter controls like firewall rules and logs, the configuration of the web proxy server and blocking mechanisms, reviewing the disaster recovery plan and objectives, intranet perimeter controls and firewall segregation, bandwidth utilization efficiency within and between offices, security incident handling procedures, and ensuring human safety concerning electrical, connectivity, cleanliness and physical hazards in workstation and server rooms across districts and headquarters.

    Original Description:

    Original Title

    Audit Plan 2011-public

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The audit plan outlines seven areas to review in 2011, including the effectiveness of the internet perimeter controls like firewall rules and logs, the configuration of the web proxy server and blocking mechanisms, reviewing the disaster recovery plan and objectives, intranet perimeter controls and firewall segregation, bandwidth utilization efficiency within and between offices, security incident handling procedures, and ensuring human safety concerning electrical, connectivity, cleanliness and physical hazards in workstation and server rooms across districts and headquarters.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views1 page

    Audit Plan 2011-Public

    Uploaded by

    norizzuddin
    The audit plan outlines seven areas to review in 2011, including the effectiveness of the internet perimeter controls like firewall rules and logs, the configuration of the web proxy server and blocking mechanisms, reviewing the disaster recovery plan and objectives, intranet perimeter controls and firewall segregation, bandwidth utilization efficiency within and between offices, security incident handling procedures, and ensuring human safety concerning electrical, connectivity, cleanliness and physical hazards in workstation and server rooms across districts and headquarters.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Audit Plan 2011

    1. Review of Internet perimeter control


    a. Evaluate effectiveness of firewall rules
    b. Check if audit trail is enabled.
    c. Check if periodic review is conducted on audit trail.
    d. Review firewall logs to identify other point of entry/exit
    e. Review maintenance & support agreement
    2. Review of web proxy server
    a. Identify blocking mechanism
    b. Review of logs to check effectiveness
    c. Review of policies
    d. Review maintenance & support agreement
    3. Review of Disaster Recovery Plan Readiness
    a. Application under DRP
    b. Recovery Time Objective
    c. Recovery Point Objective
    4. Review of Intranet perimeter control
    a. Ensure basic segregation of internal network
    b. Evaluate effectiveness of firewall rules in segregated
    network
    5. Review of bandwidth management
    a. Review of bandwidth utilization efficiency
    i. Within HQ
    ii. Between District & HQ
    iii. Inter district
    6. Review of Security Incidence Handling
    a. Review SOP in place
    b. Review past incident
    7. Review of human safety in computing environment at
    a. District & HQ
    i. Workstation
    ii. Server Room
    b. Area of concern
    i. Electrical leakage
    ii. Improper connection
    iii. Dusty hazard
    iv. Sharp object

    You might also like