Information Security Audit (COMP 0392) Proposal Name: Noora Mohammed Albulushi ID:10F6405 Interdiction: An audit is an objective examination and evaluation of the financial statements of an organization to make sure that the records are a fair and accurate representation of the transactions they claim to represent. It can be done internally by employees of the organization, or externally by an outside firm. Task2: In this task i have Critically analyze the part of an Information Security auditor towards audit planning and preparation. and the auditor of the organization should have knowledge about the company and its critical business activities. Audit planning Task 3: in task 3 i have to select one of information security auditing and analyzed it should establish over starting the auditing process .it have to Include phases, diagrams ,versions ,definitions and advantages. Task 4: In this task we have to descript on details about the various possible control types http://ishandbook.bsewall.com/risk/Images/v2_images/control.jpg Task 5: in task 5 i have to write report on evidence on findings, audit planning, use of risk assessment, proper format as close to an audit charter, corporate governance applied, description of inquiries and procedures followed, etc. Plan Times Task 2 21/11/2016 Task 3 23/11/2016 Task 4 & Task 5 25/11/2016 Final assignment 26/11/2016