logo

IT Audit and Controls

10 Pages2930 Words63 Views
   

Added on  2023-01-03

About This Document

This document provides an overview of IT audit and controls, focusing on the case of Service NSW. It discusses the audit focus and scope, IT resources to be audited, recommendations based on findings, and rules and regulations for the auditor. The document emphasizes the importance of IT governance and the use of frameworks like COBIT.

IT Audit and Controls

   Added on 2023-01-03

ShareRelated Documents
IT Audit and Controls
IT Audit and Controls_1
Table of Contents
Introduction......................................................................................................................................3
Determine audit focus along with scope of audit report.........................................................3
IT resources on which audit will be conducted with reference to Service NSW...................4
Recommendations on the basis of findings............................................................................7
Rules as well as regulations that auditor of Service NSW must adhere to.............................8
Conclusion.......................................................................................................................................9
References......................................................................................................................................10
IT Audit and Controls_2
Introduction
The organised evaluation of different security aspects of organisations information
system by measuring that how they align with the set criteria is defined as information
technology security audit. It is liable for providing high levels of illustration with reference to
ways through which firm can access and test the security postures that have been developed by
them as a response for cyber security (Chopra and Chaudhary, 2020). The thorough audit
assesses security of physical configuration, software, environment, user practices and
information handling processes. For acknowledging this concept, the security breach will be
taken into account which has occurred in the New South Wales. This report emphasise on audit
along with scope and IT resources of the city that will be audited by detection of abnormalities
that are present within information technology systems. Furthermore, some recommendations
will be given on the basis of findings that will be identified. At last some rules as well as
regulations are illustrated that IT auditor can abide to.
Determine audit focus along with scope of audit report
The Council is liable for making sure that all the resources that are needed for ensuring
that security concerns are maintained and are effectively utilised. The audit focus on certain
aspects with reference to NSW, as per media reports that were published on 7th September, 2020
the Service NSW that is biggest information collection agency have suffered the cyber attack. It
was identified that near about 186000 customers as well as employees information was leaked
due to the phishing emails attack. The accounts of 47 employees of the organisation were
compromised and it took a time frame of around four months to identify the loss that have been
occurred within relevant frame of time. It was inferred that near about 3.8 million documents
were evaluated for assessing the severity of probable breaches. The documents that have been
compromised are handwritten notes, scans, forms as well as records related with transaction
applications. The size of the information that has been breached is 738 gigabytes but it is ensured
that all the information is not personal and as such no evidences have been found that database of
organisation was also accessed.
Service NSW has revealed that Police is carrying out further investigation related with the
incident. The Auditor is accountable for allocating resources as well as time associated with
financial reporting process, systems and resources through which all the standards can be
IT Audit and Controls_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
IT Audit and Controls
|10
|3129
|49

Cyber Security Threats and Information Governance
|16
|4128
|21

IT Audit and Controls
|11
|3139
|98

Assessment 2 report
|5
|967
|80

Assessment 2 Report on IT Governance Audit
|9
|2994
|53

Analysis of IT Audit Report on Local Government 2019
|10
|3072
|45