IT Infrastructure Audit Case Study

2512 Words11 Pages

5

Businesses or organizations throughout the world exhibit their own audit controls as well as observe specific procedures. When addressing IT audit issues, a business such as Asplundh Tree Expert, Inc. are known for their efficient audit procedures and internal practices. IT audit process effectiveness happens when an organization or business is adhereing or responding to set procedures. An organization may conduct several diverse audits, but consequently regardless of the audit type used, an audit is done to ensure a business or organization are using all resources available to them and for their benefit. Diverse IT audit selection ensures that the company set and meet goals and objectives that have been laid down by the international standards …show more content…

One example includes a financial audit or an IT infrastructure audit. Data will be given within this paper to address specific issues that might reside within the IT infrastructure audits. It is important to note that each audit process is specific to the tasks and objectives that are to be achieved. IT infrastruction audit processes, goals, controls, objectives and plans are all associated with IT infrastructure auditing (Ifinedo, 2012).
The primary cause of an IT infrastructure audit is to guarantee all IT resources available within a business or organization reach set goals and performance has been achieved while following the correct and the most appropriate processes.
The specific objectives of undertaking an IT infrastructure audit may include:
· Ensureing that the set infrastructure is compliant with the legal and regulatory requirements.
· Ensuring that the IT infrastructure enforces the confidentiality of its corporate data.
· Assessing whether the IT infrastructure in an organziation helps in attaining and maintaining data integrity.
· Ensureing that the IT infrastructure guarantees availability and reliability of the available …show more content…

The first step that the auditor should take is to gather as much information about any security procedures and policies that may have been in use following the information collected from the records available. Since each policy may have a different aspect that it works on, the findings from the audit may present evidence that may be vital in identifying the existing procedures or the absence of any policies or procedures. The existence of policies and procedures enables a company to reduce the occurrence or the impacts of a given risk. The lack of such policies may lead to reduced risk management