IT Audit Process paper

  • Identify your case study’s IT processes in key areas of the IT/IS lifecycle and describe them according to the major domains.
  • Conduct a preliminary evaluation of internal IT processes, focusing primarily on project management and software development.
  • Refine your balanced scorecard as needed, possibly expanding the IT-related goals and the performance metrics.
  • Create a process RACI chart that maps management practices to their related roles and indicate the levels of responsibility for each role

Expert Answer

Breach of customer information in customer information is not a new thing. Companies have been experiencing such cases for ages now, and all this is caused by many characteristics of the system that renders it vulnerable for such activities to occur. Lingolistics Company currently suffers a breach of consumer information due to a poorly structured system that can be accessed at ease by the system’s external environments. Linguistics Company is focused on customer satisfaction, and hence the integrity of the information on customers should be well handled so as the company does not lose its customers. The system is in the company to adhere to a secure system’s requirements to hold information effectively and avoid cases of this organizational information leading to the public.

Considering the breach in information in the organization, it is fair to say the company system does not have a secure database system that will hold the company’s information. Systems with a weak firewall system always tend to collapse quickly, making the system’s information weak to corruption from external forces. In the case of Lingolistics Company, the information might be lost since the system firewall system was out of place and the audit system that was available for the organization had failed to make such observations, thus rendering the system vulnerable to any attacks. Consumer information might not be the only thing under attack in this situation since a gateway to the information of the customers opens up the ways to exploiting most of the company weakness by the detailed study of the information of the company that other competitors might use to engage in a competitive battle with the company.

When developing the new software for the company, some qualities of the system that the programmers of the system need to consider maintain its effectiveness with all the system’s activities. A proper system needs to be complex but still performs its essential functions. Lingolistics is a manufacturing facility specializing in manufacturing metal seals, so the system to be put in place is a point of sale system or a sales system that the essential functions are to handle the company’s sales. Since sales currently require online payment methods, the systems need to hold sales and the payment methods used by customers in the sales making process.

The system’s sales segment needs to be double encrypted to ensure valuable information like the card details of customers do not leak to the public. Such situations could lead to fraud activities occurrence and making the company liable for all the payments that will have been made through the breach process. An anti-virus system can also be put in place to ensure the value of information inserted into the database is protected from harming the system, whether internally or externally. Setting up validation systems for the system is also essential to prevent unauthorized access in the system, making the system perfect and secure from external users. The best and secure security system that can be put in place is biometric systems that cannot be easily bypassed, like fingerprints and retro scans.

Security to the system is an essential part of the project, and thus to prevent future cases, it is fair to develop systems in languages that cannot be easily broken down to render the system week. Current computing languages like python are vast. Using such languages in making the system makes the project complex from any external activity that can compromise any activity in the system like loss of information or even system breakdown giving other companies a competitive environment that cannot be easily managed.

An effective system requires effective management, and thus some work needs to be subjected to the organization in the management of the system. A proper system needs to pass through a series of managers to be effective and act according to organizational needs. In a proper system, there needs to be a project manager in charge of the whole system. The system analyst comes next after the project manager since most of their functionalities are equal and only vary in terms of the hierarchy and the jurisdiction. The system analyst controls all the activities that befall the system during creation and the system’s operational phase.

The system also requires proper programmers to create the system according to the system analyst or the project managers’ needs. These individuals are the backbone to creating a system since they are the individuals that determine the effectiveness of a system and the security of the project. Considering these three common individuals to a system secures the system’s proper functionality, making it vulnerable to such acts as a breach of information in the system. Customer information is always the most valuable set of information in any organization, hence the system put in place for a company should always guarantee the customer the security of the information given out. Two degrees of priority in reacting to IT hazards have been taken up by IT audits: Firstly, to deter hazards; the first move is to help IT audits can help businesses in detecting and avoiding hazards in the business-enhancing IT processes (Holm & Thinggaard, 2015). The second role is to collaborate with the CIO to efficiently handle the risks discovered during the audit and improve risk management. With more in-depth IT implementations in the financial sector, IT auditing first came into practice and eventually grew to other sectors (Holm & Thinggaard, 2015).

 

 

RACI Project Manager System Analyst Programmer
Issue Demands R A C
Make Estimates C R I
Authorize Expenditure R A  
System Programming C A R
Project Testing A R C

 

R=Responsibility        A=Accountability         C= Consult        I= Inform

 

 

Looking to get Essay writing help for this assignment? Get custom essay for 15% OFF using coupon code “NEW15” or Buy Used Solution for same paper for less!