Scribd Logo
Upload

Welcome to Scribd!

  • ACTIVITY 02: Auditing CIS Environment: Required Answers

    Uploaded by

    Jel Ly
    1 views2 pages
    This document summarizes the requirements for an information systems (IS) auditor. It discusses that an IS auditor must be independent, adhere to ethics codes, and continuously learn. The auditor is also accountable for having sufficient evidence. Fundamental security features of IS include maintaining confidentiality of data, integrity of information, and availability of systems. Operational security examples provided are organizational security like asset classification and control, personnel security, physical security, communications management, system development and maintenance, business continuity, and compliance.

    Original Description:

    ytdsyu5ed

    Original Title

    LAB02 Activity 02

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document summarizes the requirements for an information systems (IS) auditor. It discusses that an IS auditor must be independent, adhere to ethics codes, and continuously learn. The auditor is also accountable for having sufficient evidence. Fundamental security features of IS include maintaining confidentiality of data, integrity of information, and availability of systems. Operational security examples provided are organizational security like asset classification and control, personnel security, physical security, communications management, system development and maintenance, business continuity, and compliance.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1 views2 pages

    ACTIVITY 02: Auditing CIS Environment: Required Answers

    Uploaded by

    Jel Ly
    This document summarizes the requirements for an information systems (IS) auditor. It discusses that an IS auditor must be independent, adhere to ethics codes, and continuously learn. The auditor is also accountable for having sufficient evidence. Fundamental security features of IS include maintaining confidentiality of data, integrity of information, and availability of systems. Operational security examples provided are organizational security like asset classification and control, personnel security, physical security, communications management, system development and maintenance, business continuity, and compliance.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    ACTIVITY 02: Auditing CIS Environment

    Name:
    Juinda N. Sandro
    12/16/2016

    Date:

    Please refer to the file Formulation of IT Auditing Standards.doc for the

    required answers.
    QUESTIONS:
    1. Discuss a summary on the listed generic requirements for IS Audit.

    As an information system auditor we should have the responsibility to


    be independent by means of attitude and appearance. We have to
    adhere to the code of professional ethics to be more competent and we
    should have the willingness to adopt new knowledge through
    continuing professional education. Being an information system auditor
    we have the accountability to have sufficient, reliable, relevant and
    useful evidence about the report that we will be working. We should
    supervise an information audit staff to ensure that the auditing
    standards are met.

    2. Discuss the three fundamental feature of IS in relation to Security Audit.


    Confidentiality should be maintained in an information system because
    theres a lot data or files that are not meant to see by others.
    Integrity refers to the completeness of information. It is important in an
    information system because will provide the assurance that the system
    is reliable.
    Availability should have in an information system so that it is easily to
    continue the business regarding to the information and operation when
    it is needed.

    3. Discuss by giving an example on the following Operational Systems Security:


    a. Organizational Security
    b.
    c.
    d.
    e.
    f.

    Asset classification and control


    Personnel security
    Physical and environmental security
    Communications and Operations Management
    System Development and Maintenance

    g. Business Continuity Management


    h. Compliance

    You might also like