Download Acme Corp IT Audit Service Report

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
Document related concepts

Foreign market entry modes wikipedia , lookup

Transcript 
Acme Corp IT Audit Service
Report
Ref 000xxxxQ
August, 2015
5, 443 Albany Hwy
Victoria Park, WA, 6100
p. 1300 664 136
Acme Corp IT Audit Service Report - August 2015
[email protected]
www.focusnetworks.com.au
1
Document Control
Proposal for amendment or change to this document prior to release of version 1.0 will need to be
detailed on a Change Request Form. If required, please contact:
Mathew Smith
Focus Networks
E-mail: [email protected]
Date
Version
Copies
Author
10.08.15
0.1
Document created
Mathew Smith
12.08.15
0.2
Document amended
Mathew Smith
13.08.15
0.3
Document amended
Mathew Smith
14.08.15
0.4
Document amended
Mathew Smith
17.08.15
1.0
Conversion to final document and distributed as per table
Mathew Smith
Acme Corp IT Audit Service Report - August 2015
2
Distribution
The distribution of this document to Acme Corporation recipients is controlled by the Project Manager
(Focus Networks).
Title
Office Location
John Citizen – Managing Director
Location
1
Billy Bob – CFO
Location
1
Focus Networks
Victoria Park
1
Acme Corp IT Audit Service Report - August 2015
Copies
3
Table of Contents
Document Control ............................................................................................................... 2
1.0 Executive Summary ........................................................................................................ 5
2.0 Introduction .................................................................................................................... 8
3.0 Methodology ................................................................................................................... 9
3.1 Plans, Procedures & Design
3.2 Environment & Communications
3.3 Computers & Network Hardware
4.0 Technology Scorecard ................................................................................................. 14
5.0Findings .......................................................................................................................... 17 5.1High Risk Areas
5.2Medium Risk Areas
5.3Low Risk Areas
6.0 Recommendations ....................................................................................................... 24
6.1High Risk Areas
6.2 Medium Risk Areas
6.3 Low Risk Areas
7.0 Network Diagram .......................................................................................................... 32
Glossary of Terms ............................................................................................................... 33
Acme Corp IT Audit Service Report - August 2015
4
1.0 Executive Summary
Objective of the Audit
Focus Networks were asked to:
1. Review the Current IT Environment
 Physically inspect certain core IT areas
 Electronically inspect certain core IT areas
 Document current configurations
2. Compare to Industry Best Practices for Similar Organisations
 Generate a Technology Scorecard
 Generate a Risk Timeframe
 Highlight the differences
 Suggest the implications
3. Make Recommendations for the Future
 Rate core IT areas based on risk
 Document areas of concern
 Propose alternative solutions
Acme Corporation VS Industry Best Practices
The graph below highlights current IT infrastructure compared to the desired scenario.
Acme Corporation Technology Scorecard
Internet Gateways
3
Printing
Backups
2.5
IP Telephony
IT Support
2
Corporate…
1.5
Domain
1
0.5
Computer Room
Storage
0
Servers
Anti-Virus
Desktops/Laptops
UPS
Current
Local Area Network
Windows Updates
ISP Links
Strategic IT Plan
Desired
IT DR Plan
Acme Corp IT Audit Service Report - August 2015
5
Acme Corporation Risk Timeframe
The graph below highlights core areas to be addressed based on level of risk.
Acme Corporation Risk Timeframe
12
10
8
6
4
Months To Complete
Strategic IT Plan
Anti-Virus
Storage
UPS
High
Risk
Domain
High
Risk
IT DR Plan
Backups
High
Risk
Windows Updates
IT Support
0
Internet Gateways
2
Medium Medium Medium Medium Medium Medium Medium
Risk
Risk
Risk
Risk
Risk
Risk
Risk
Acme Corp IT Audit Service Report - August 2015
6
What was Completed
Focus Networks undertook:
 An onsite data collection at Perth on Friday the 7th of August 2015
 An interview with key staff members John Citizen and Billy Bob
 Research offsite
 Preparation of this report and presentation
Findings
 High Risk Issues
o Internet Gateway: a managed firewall needs to be implemented to secure the network.
Currently little protection is in place.
o Backups: an onsite/offsite backup regime requires implementing. The two current
backup regimes are inadequate and failing.
o IT Support: the current adhoc arrangement has no Service Level Agreements meaning
no commitments for response or resolution.
 Medium Risk Issues
o 6 areas are of concern as documented in Section 6.2 Recommendations.
 Low Risk Issues
o 7 areas are of concern as documented in Section 6.3 Recommendations.
Key Recommendation
Focus Networks suggest Acme Corporation subscribe to the Managed Network Service Agreement
prior to any IT infrastructure changes. This agreement will provide IT support for your IT environment
by implementing a scheduled onsite weekly option and a scheduled remote weekly option. Two
Support Officers will be assigned to you and are available for additional onsite/remote support.
Requests are tracked in a Helpdesk with 24x7 support coverage.
Acme Corp IT Audit Service Report - August 2015
7
Related documents
Key Marketing Functions
Key Marketing Functions
COMM 1213 H1 COMP 4923 X1
COMM 1213 H1 COMP 4923 X1
Propaganda & Rhetoric
Propaganda & Rhetoric
SyS64738: admin@zone-h.org Agris Krusts: agris@zone
SyS64738: [email protected] Agris Krusts: agris@zone
FORM AND DATABASE DESIGN
FORM AND DATABASE DESIGN
Assignment #3 – SQL Putting in Data
Assignment #3 – SQL Putting in Data
Lesson 7 Marketing Audit
Lesson 7 Marketing Audit
Economics/Personal Finance Mr. Nielsen
Economics/Personal Finance Mr. Nielsen
Week 2 - personal.kent.edu
Week 2 - personal.kent.edu
Global Underground Corp is looking for hard working and dedicated
Global Underground Corp is looking for hard working and dedicated
Overview - 21Gradi
Overview - 21Gradi
Auditor Senior IT Ad 4 3 2017
Auditor Senior IT Ad 4 3 2017
A guide for developing a marketing plan
A guide for developing a marketing plan
Audit Committee 18 September 2012
Audit Committee 18 September 2012
Gynaecology Audits 2010/11
Gynaecology Audits 2010/11
Multi-Site Deployment Guide
Multi-Site Deployment Guide
Controlling Your Destiny - Protecting Your Interests From
Controlling Your Destiny - Protecting Your Interests From