Free Essay: Principles of Information Security Auditing and Digital Forensics

The development of computer systems has been vital in business development. The systems have undergone countless transformations that have increasingly implemented benefits by identifying opportunities for improvement. Companies have very valuable active capital: information and technology, with which, increasingly, the success of a company depends on the understanding of both components. An Information Assurance Audit is conducted to evaluate the level of information security in an organization. Good practices concentrated in the COBIT framework allow businesses to align their goals with information technology to achieve the best results. In this sense, COBIT is a contribution through a model that will enable management to carefully review the work done by computer systems concerning business needs.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The COBIT model is an evaluation model that allows verification and control of business information systems and security. Through this model, technology is linked to all departments of a company from the managers and auditors to the beneficiaries of the audit process. The model has a structure with an action framework where research reasoning is adjusted, for example, security and efficiency, the resources perceived by information technology are verified, through human resources, technical facilities, among others and, in the end, an assessment of the methods involved in the organization (Moeller, 2013).

The COBIT framework has five principles that an organization must follow in IT management (ISACA, 2012; Moeller, 2013):

The satisfaction of the needs of the shareholders: the needs of the shareholders are aligned with the specific business objectives, IT objectives, and enabling objectives. The use of resources is optimized when benefits are obtained with an acceptable level of risk.

Cover the company from end to end: IT governance and IT management are assumed from a global perspective so that all corporate IT needs are met. This applies from an "end-to-end" perspective based on the seven enablers of COBIT.

Apply a single integrated reference model: COBIT 5 integrates the best Information Systems Audit and Control Association (ISACA) frameworks such as Val IT, which links COBIT processes with those of management required to achieve a good value of IT investments. It is also related to Risk IT, launched by ISACA to help organizations balance risks with benefits (ISACA, 2012).

Enable a holistic approach: the enablers of COBIT 5 are identified in seven categories covering the company from end to end. Individually and collectively, these factors influence the IT governance and IT management to operate based on business needs.

Separation of governance from management: COBIT 5 clearly distinguishes the areas of IT governance and IT management. IT governance means the functions related to the evaluation, management, and monitoring of IT. It seeks to ensure the achievement of business goals and also assess shareholder needs, as well as the conditions and options available. Management is specified by prioritizing and effective decision making. Monitoring encompasses compliance, performance, and progress evaluation based on set goals. Management is more related to the planning, construction, execution, and control of activities aligned with the direction established by the governance agency for the achievement of business objectives, compliance, and progress. According to the results of the governance activities, the administration of the company and IT must then plan, create, carry out, and monitor the activities to ensure alignment with the direction established.

Incident Response Plan for Raising Dough Baking Company

The data and information generated in a company are fundamental assets for the effective functioning of businesses. In this sense, working with IT requires a variety of skills and care to protect these businesses against cyber threats. A small situation can become much more significant if there is no Incident Response Plan (IRP). Since Raising Dough Baking Company does not have such a plan, the first step is to create a specific team for the purpose. The Computer Security Incident Response Team (CSIRT) functions as a team responsible for monitoring and responding to possible security incidents. It develops and complies with other departments the procedures contained in the incident response plan.

The purpose of this IRP is to restore the normal operation of IT services as soon as possible to minimize the adverse impact on the business operations of Raising Dough Baking Company. As a result, the plan aims to contribute to improving user satisfaction with the quality of Information Technology (IT) services provided by the company.

The following IRP steps should be followed in protecting the company from information security incidents such as unauthorized access, Denial of service, Viruses or malware, etc. (Moeller, 2013; Wertheim, 2019):

• 1. Preparation: Preparation addresses how the team will handle an incident. This includes external and internal communication, as well as incident documentation. For this purpose, it is essential to have a defined corporate security policy containing guidelines on what risks the company is exposed to and what preventive measures should be taken. The involvement of everyone is critical.
• 2. Identification: This step defines the criteria that will activate the CSIRT. For example, when a brute force attack is detected, the incident response plan is immediately triggered, and the team takes action. Any set of unusual activity should be dealt with as quickly as possible by the team as soon as it is identified and the alerts issued.
• 3. Containment: There are two types of containment: short and long. The short-term has the characteristic of being an immediate response to prevent the attack from causing damage. Long-term containment includes restoring the system to its normal production after neutralizing the backdoors and malicious files that made the attack feasible.
• 4. Eradication: This phase is essential for business continuity. It aims to restore all corporate systems affected by a security incident. This is done by applying the incident response plan, removing any traces of the attack. The constant updating of systems and corrective measures are essential to avoid the repetition of the same situation.
• 5. Recovery: Recovery addresses how to bring the entire system back to its standard operation. At this point, it is necessary to do a scan to find out if you don't hear any losses and how to recover possible lost data. This involves backup copies stored on a cloud system to restore all the information needed for the workflow.
• 6. Lessons learned: This phase addresses the documentation of incident occurrences and the procedures for responding to them. Within this, the company manages to create material with a history of occurrences against security and the appropriate actions taken, making the organization better prepared to deal with future incidences.

Conclusion

The information systems represent an opportunity for the achievement of the objectives of an organization in congruence with their IT and corporate goals. In this regard, it is significant for the administrators of computer systems and corporate governance to carry out all actions necessary to achieve those goals. COBIT is an evaluation and monitoring model that emphasizes business control and IT security and encompasses specific IT control from a business perspective. Companies can adopt a COBIT methodology as part of the reengineering process to reduce uncertainty indices on vulnerabilities and risks of IT resources and, consequently, on the possibility of evaluating the achievement of the objectives of the leveraged business in technological processes. Through COBIT 5, a company can develop a clear policy that allows the control of IT in the organization. The application of this framework affects regulatory compliance and helps increase the value associated with the IT area of the organization.

References

APMG International (2019, Feb 12). Webinar - COBIT 2019 Use Cases: Tailoring Governance of Your Enterprise IT. [Video file]. Retrieved from https://www.youtube.com/watch?v=aMb7XTsSe9I

ISACA (2012). COBIT 5: A business framework for the governance and management of enterprise IT, Chpt 1 - 8. ISBN: 9781604202373, Skillsoft Bookid= 49460.

Moeller, R. R. (2013). Executive's guide to IT governance: Improving system processes with service management, COBIT and ITIL. John Wiley & Sons, ISBN: 9781118138618, Cht 1 - 8, bookid=52724.

nasebaTV (2015, April 29). Cyber Defence Summit: Cyber Security Governance & Management using COBIT 5 - Day 1. [Video file]. Retrieved from https://www.youtube.com/watch?v=qihNgOglLHA

Wertheim, S. (2019). How to Create an Incident Response Plan. The CPA Journal, 89(11), 70-71.