CPIS 606 IT AUDIT Project Objectives: Develop an IT Audit / Assessment tool based on NCA ECC -1-2018 Mapping NCA ECC -1-2018 with NIST 800-53 and COBIT 2019 Auditing NCA ECC -1-2018 controls Part 1: Develop an Audit/ Assessment Tool based on NCA ECC-1-2018 The purpose of this project is to provide organizations with a simple tool for performing an Internal IT audit/assessment of their information assurance maturity level based on the controls defined by the NCA ECC -1- 2018. The Essential Cybersecurity Controls consist of the following: 5 Cybersecurity Main Domains. 29 Cybersecurity Subdomains. 114 Cybersecurity Controls. These cybersecurity controls are linked to related national and international law and regulatory requirements. The IT auditor should complete the answer to the drop-down menu questions lists on the Excel pages labeled ECC # 1 ECC # 5. By choosing a drop-down choice for each critical control, the assessment tool will automatically generate scores and maturity levels based on the answers to each question. Based on the answers to each question, the dashboard worksheet will automatically populate with the overall maturity level scores for the organization as a whole. These scores can therefore be used to measure the organization's progress and what percentage of the NCA ECC Controls they are currently following.

Part 2: Conducting Audit/ Assessment In the second part of the project, you have to select any sub domain of NCA ECC -1-2018 and prepare an IT audit plan. Use the Internet to select an organization that appeals to you. The audit plan should include the following sections: Introduction Understanding the Business (Organization) Defining the Audit Universe (Audit scope, Audit objectives, Relevant IT systems) Performing a Risk Assessment Formalizing the IT Audit Plan Resources: The following documents will be uploaded to the project folder on the blackboard. 1. Template (Excel) for developing IT Assessment tools. 2. NCA ECC 1-2018 3. NIST 800-53 4. COBIT 2019 Submission: You are required to submit two documents. 1. IT Audit/ Assessment Tool (Excel) 2. IT Audit Plan (MS Word or PDF)

CPIS 606 - IT AUDIT Project Objectives: - Develop an IT Audit / Assessment tool based on NCA ECC -1-2018 - Mapping NCA ECC -1-2018 with NIST 800-53 and COBIT 2019 - Auditing NCA ECC -1-2018 controls Part 1: Develop an Audit/ Assessment Tool based on NCA ECC-1-2018 The purpose of this project is to provide organizations with a simple tool performing an Internal IT audit / assessment of their information assurance maturity level based on the controls defined by the NCA ECC -1-2018. The Essential Cybersecurity Controls consist of the following: - 5 Cybersecurity Main Domains. - 29 Cybersecurity Subdomains. - 114 Cybersecurity Controls. These cybersecurity controls are linked to related national and international law and regulatory requirements. The IT auditor should complete the answer to the drop-down menu questions lists on the Excel pages labeled ECC#1ECC \# 5. By choosing a drop-down choice for each critical control, the assessment tool will automatically generate scores and maturity level based on the answers to each question. Based on the answers to each question, the dashboard worksheet will automatically populate with the overall maturity level scores for the organization as a whole. These scores can therefore be used to measure the organization's progress and what percentage of the NCA ECC Controls they are currently following. Part 2: Conducting Audit/ Assessment In the second part of the project, you have to select any sub domain of NCA ECC -1-2018 and prepare an IT audit plan. Use the Internet to select an organization that appeals to you. The audit plan should include the following sections: - Introduction - Understanding the Business (Organization) - Defining the Audit Universe (Audit scope, Audit objectives, Relevant IT systems) - Performing a Risk Assessment - Formalizing the IT Audit Plan Resources: The following documents will be uploaded to the project folder on the blackboard. 1. Template (Excel) for developing IT Assessment tool. 2. NCA ECC 1-2018 3. NIST 80053 4. COBIT 2019 Submission: You are required to submit two documents. 1. IT Audit/ Assessment Tool (Excel) 2. IT Audit Plan (MS Word or PDF)