power point presentation

I need the power point presentation for the below document present an 8 to 10 ppt slide presentationIntroduction of the issueAnalysis of the tools usedWhat the group would have done differentlyPresentation of final solution
midterm.docx

Unformatted Attachment Preview

Don't use plagiarized sources. Get Your Custom Essay on
power point presentation
Just from $13/Page
Order Essay

Running head: IT Security Audit Compliance and The need for compliance
Mid Term
IT Security Audit Compliance and The need for compliance
Name: Rahul Reddy Jala
University Of Potomac
Date:05/22/2018
1
IT Security Audit Compliance and The need for compliance
IT Security Audit Compliance and The need for compliance
Looking at module one, the need for compliance, we see that in an IT based company,
compliance is a need for various security reasons. A best case scenario is when a company has
all the measures in place that protects data, both sensitive and non-sensitive. The worst case
scenario for it is when it faces outside attack like an SQL-injection and its data is stolen or
corrupted by a malicious party. In that case, a lot of damage will be done which will force the
company into a very bad situation. The data can be used for malicious reasons like blackmail
and security access. The company will also lose clients and face multiple law suits as it is their
job to protect their clientâ??s data. This will ultimately lead to their shut down as the damage
will be done. The need for compliance is thus important. It puts the company in check and
makes them implement all the required measures.
Security auditing is one measure that if companies comply with, the need for compliance will
be fulfilled and all the possible damage avoided. It is sad that organizations still fail to comply.
Currently, the number stands at 80%. There are questions that if asked and a company can
answered properly, then they will be able to pass he audit. First, does it have a security policy
that is documented? For IT infrastructure to be maintained properly, documentation needs to
be in place. Second, Does the company grant access privileges adequately? Privileged
accounts are one target when it comes to security. Permissions on them should be according to
security policies. The third question is, data is protected through what methods? Compliance
standards focus on sensitive data protection. That kind of data should be protected and thus a
company needs to provide evidence and show ways that it protects the data. The fourth
question is, does the company have a recovery plan for disaster? Disasters happen out of the
blue and they can cause serious damage unless the company has a recovery policy. For
2
IT Security Audit Compliance and The need for compliance
example, a security bridge, the fifth question is, with the security policies and procedures in
place are the employees familiar with them? This is particularly important as the employees
could violate the procedures and measures. If a company can answer all the questions
properly, then they will be in the clear and pass the audit on compliance. If they fail to, then
there is a need for a restructuring and they should start putting up measures that are according
to compliance policies.
One major organization that complies with IT Security Audit Compliance is Google. Google is
a major IT company that has put its audits and certificates out in the public. According to the
report, it believes that the user is a priority and thus ensures their security. Some certificates
include the International Standards Organization (ISO) 27001 Certificate, and SSAE 16/ISAE
3402 and SOC 2 Type II Audit. The first certificate covers aspects such as systems,
technology, people, applications, data centers and processes. It certified areas such as
cryptography, logical security, information security policies among others. The second
certificate is on principles that have been defined by AICPA, American Institute of Certified
Public Accountants. A service Control is one that oversees that. It aligns with NIST, National
Institute of Standards and Technology. A few principles that are covered in the report include
security. This ensures that the systems are protected against accesses that are unauthorized.
The other principles are confidentiality, Integrity processing and availability. Confidentiality
looks at data security, only those meant to see it will see it, especially in cloud technology.
Processing integrity ensures that the systems work the way they are supposed to. Availability
takes care of service outages; the systems should always be online if possible.
Google compliance with the IT security compliance opens up their measures to the public.
They have what needs to be protected in mind and act accordingly, no aspect is left
3
IT Security Audit Compliance and The need for compliance
unprotected. Through them, we see the need for compliance. They will not wake up one day to
find user data in the wrong hands as they are protected. Unless a hacker manages to bypass
their systems and security, which have also been protected, they manage to be among the best
IT companies of our times because everything matters to them and because the user is
important and should be protected. They understand compliance and live by it.
There are reasons why the audits need to be carried. Thus justifying the need for compliance.
For google, on data centers, physical security controls that are in place do provide assurance
that the data centers are protected. Their incident management controls assures that in case of
an incidence, the company and its assets are protected. Logical security controls assures that
access to systems is authorized to only the right individuals. A change management control
assures that configuration and application changes are properly tracked, approved, tested and
validated. An organization and administration control assures that management provides the
needed infrastructure and mechanisms for the various processes in the company. System
availability controls assures that alternative redundant sites are in place.
For all of their services, Google complies with the IT security compliance audit and has
certificates to show. These services include Google drive, Google hangouts, Gmail, Google
calendar, Google docs, Google sheets, Google slides, Google talks among others. They are all
included in the report.
In conclusion, there is a need for compliance for every IT based organization and company.
Compliance may see taxing but at the end of the day, it is actually for the good of the company
and protection of the users. IT Security Audit Compliance ensures that all the security details
are being observed by a company and that it does not take shortcuts at the expense of the users
4
IT Security Audit Compliance and The need for compliance
who use their services and products. With the observance of that, there will be minimal IT
related disasters. It is for the good and thus should be observed.
5
IT Security Audit Compliance and The need for compliance
References
1. Google. Certification summary. Retrieved from:
https://services.google.com/fh/files/blogs/btd-sec-op-2014-grey.pdf on 22nd May, 2018.
2. Stallings, W., Brown, L., Bauer, M. D., & Bhattacharjee, A. K. (2012). Computer security:
principles and practice (pp. 978-0). Pearson Education.
3. Moeller, R. R. (2010). IT audit, control, and security (Vol. 13). John Wiley & Sons.
6

Purchase answer to see full
attachment

GradeAcers
Calculate your paper price
Pages (550 words)
Approximate price: -

Why Work with Us

Top Quality and Well-Researched Papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

Professional and Experienced Academic Writers

We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.

Free Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.

Prompt Delivery and 100% Money-Back-Guarantee

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

Essays

Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.

Admissions

Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.

Reviews

Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.

Reviews

Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.

Order your essay today and save 15% with the discount code DISCOUNT15