Analyzing The Audit Statement Provided By The Information Systems Auditor

2161 Words9 Pages
In this report I will critically analyse the audit statement provided by the information systems auditor and provide a solution specific to the company for issues I identify. The report will offer a number of solutions to identified issues where possible to ensure Smith Industrie Ltd. have a choice if they do decide to implement proposed solutions. The solutions will take into consideration the IA principles, ISO 270001 and ITIL, as well as being designed to accommodate the current and future demands of Smith Industrie Ltd.
Issues identified within the Audit and their Solutions
In the audit I have identified a number of issues some of which were brought up by the information systems auditor and other that weren’t. Below is the issues and
…show more content…
Furthermore, the audit states that no virtual private network (VPN) exists currently, something that the auditor and company may be unaware of is that this is a significant issue. It has become a necessity in business to enable employees, managers, contractors etc. to access confidential resources through public networks away from the workplace with confidence that they are secure in doing so.

Collapses under heavy loads
Do not manage personal devices or network as a whole
Wireless is old legacy system and old encryption
No VPN in place
Teleconferencing issues – speed
Networks are over and under utilised (HMTCON at 50% other two at 50%)
Financial contract for security – abnormality?

Server Side and Datacentre
The main concern with the servers is the extensive server sprawl that was mentioned, resulting in poor hardware resource utilization, security and wasted energy. This situation is only worsened by the fact the number of and purpose of these servers is unknown. Secondly, the absence of a centralised management system means Smith Industrie are unable to manage server and user configurations effectively.
Get Access