ISSC 471 IT Security Auditing

Class, I appreciate your participation in this forum. For this forum, create an original post addressing the topic(s) below, preferably prior to midnight ET on Wednesday. Continue to follow your classmates’ posts for the remainder of the week and respond to two or more of your classmates prior to midnight ET on Sunday. Your follow-up posts may add additional insights to a classmate’s opinions or may challenge posted opinions. Use examples from the readings, or from your own research to support your views as appropriate. Be sure to read the follow-up posts to your own posts and reply to any questions or requests for clarification. By the way, include the name of the person’s post you are replying to and your source for further research or reference. Thanks!

Where necessary, include in-text citations in APA format within the text of your post and a reference list in APA format at the bottom of your post. For examples of APA format, review the pages on “in-text citations” and “reference list” in this tutorial: https://owl.english.purdue.edu/owl/resource/560/01/

Discussion Points:

1. What is IT Security Auditing? What does it involve?
2. Why are Governance and Compliance Important?
3. Explain in details the roles and responsibilities in an organization associated with the following:

Risk Manager
Auditor
Executive Manager

4. Define the Certification and Accreditation (C&A) Process and briefly discuss the phases of C&A.

Forum Rubric for Grading:

Rubric for Learner Posts Points

Synthesis of concepts in 250 or more words (critical to class performance)

30

Applications of personal experience

20

Clear citation

10

Writing standards

20

Responses to two or more students (at least 150 words each)

20

Downloadable Rubric Description

Initial Post Recommended: Wednesday, by 11:55 PM, ET
Responses Due: Sunday, by 11:55 PM, ET