Using Microsoft® Word, write 10 audit questions (1 to 2 pages total) that will help you establish the degree to which the organization is complying with IS objectives as defined by the CISM certification requirements, focusing on IS governance and quality assurance. Provide sample answers.
An organization has implemented the guidance provided by their Certified Information Security Manager (CISM). In the future, you will perform an IT audit on the organization. This organization is rapidly moving away from desktop and laptop solutions into mobile or app-based solutions.
Emphasize areas where the technology change to mobile computing may introduce vulnerabilities to the IT environment.
1. How can you prevent data loss from stolen, lost or decommissioned devices?
2. Which steps are you taking to prevent information theft by mobile malware?
3. Are the mobile devices managed in a consistent manner?
4. Are the right policies or mobile strategies in place?
5. How do you recover if there is any data loss?
6. What vulnerabilities exist and how do we manage them?
7. Are all configuration settings secure?
8. What are the management tools, and what are their capabilities?
9. Are you using unsecured Wi-Fi and networks?
10. Is everything tested before it is implemented?