Create a presentation | CMGT582 Security & Ethics | University of Phoenix


You are part of a team selected by the Chief Information Officer (CIO) to perform a security audit for one of the companies explored in this course:

  • Devil’s Canyon      (Wks 4–5)

Create a 10- to 12-slide presentation (not including the title and reference slides) that shows the results of your security audit based on the following audit process:

  • Potential Risk      to be Reviewed: Describe the risk. (10pts)
    • Example:       Viruses and malware can negatively impact the confidentiality, integrity,       and availability of organizational data.
  • Regulation and      Compliance Issues: Analyze how regulations and compliance issues could      impact the organization. (10pts)
    • Provide a       detailed analysis of regulations and compliance issues, beyond the simple       explanation in score point two.
  • Regulation and      Compliance Resources and Tools: Analyze what resources and/or tools are      available to address regulations and compliance issues. (10pts) 
  • Describe the      control objective and the specific controls you will evaluate to determine      potential risk is mitigated. Please note that typically, there will be more      than one control that should be reviewed for a potential risk. (10pts)
    • Example:       Determine whether anti-virus software is in use.
    • Example:       Determine whether virus signatures are periodically updated.
    • Example:       Determine whether periodic virus scans are performed.
  • Provide a      detailed analysis of the resources and/or tools available, beyond the      simple explanation in score point two. (10pts)
  • IT Security –      Processes and Methods: Differentiate between the various processes      and methods involved in management of IT security resources.
    • Review the       various options available to address those processes and methods       previously explained, and which ones might be feasible. (10pts)
  • IT Security –      Measures: Analyze the various security measures that could be taken within      the organization. (15pts)
    • Demonstrate a       detailed understanding of what the alternatives are to approach security,       how much security is needed, different methods to employ, etc.
    • Describe the       criteria/measures that you will use to evaluate the adequacy of each       area/review step that you review (i.e., what criteria will you use to       perform your evaluation/how will you determine that the risk has been       mitigated to an acceptable level).
    • Example: 100%       of servers and PCs have virus software installed.
    • Example: 100%       of the virus software installed is set to automatically update, including       virus signatures.
    • Example: 100%       of the virus software installed is set to automatically perform a scan at       least weekly.

Include a 1/2- to 1-page executive summary to support your presentation. Include appropriate references. (10pts)

Note: The title page and reference page do not count toward the assignment – power point and summary – length requirements.