Question
Clear description of the task based on the above scenario, almost 2000 words
Description: SALT, or Smart And Living Technologies, is a medium-sized software development firm based in Nepal. It was founded in 2004 and operates from two locations, with offices in both sites. The company uses a third-party data center to host its information systems, which represents the entirety of its IT infrastructure. SALT serves small to medium-sized businesses worldwide, providing software solutions and consulting services. Most of the department heads have been with the company since its inception, with the exception of the recently appointed Chief Information Security Officer (CISO). This lack of formal documentation is likely due to the department heads' knowledge of the company's business processes.

Naresh Bangdel is the CEO of SALT, a software development company he founded in partnership with his friend Arushi, who is now an investor but has minimal involvement in the business operations. Despite being an engineer, Naresh lacks knowledge of modern technical IT security. Prior to recent events, the company had not experienced any significant IT security issues. However, in a span of three days, the company's website was vandalized, their email system was infected with a severe virus, and a large amount of data was destroyed as a result of a series of attacks.

Naresh has a broad range of concerns regarding the management of IT security risks. He needs to investigate if the hackers who targeted the company are likely to strike again. Based on the recent attacks, he suspects that the hackers may have been seeking to steal proprietary information for personal or financial gain or to harm the company's reputation. Additionally, there is evidence that a past disgruntled employee may be planning to seek revenge against the company.
Internal Audit Report:

General:
- Improper operating procedures by employees
- Insufficient security awareness and negligence
- No acceptance of security responsibilities
- Inadequate standard operating procedures
- Unattended machines
- Neglect of media
- Printing of sensitive materials
- Failure to shut down computers at the end of the workday
- Failure to back up information

Task: Introduction: Team Structure: Using the information provided above, create a proposed organizational structure for an Information Security team that would work well for you as the CISO who has to perform the external audit further. Provide justification for your proposal in order to secure approval from Mr. Naresh.

Deliverable:
- Organization Chart
- Explanation for the reasoning behind each role
- Detailed job description for each role

Task 2: Briefly introduce the laws and regulations, and justify why you are going to use them, based on which you are going to further audit the information system of SALT.

Task 3: Describe the methodologies that you are going to use for the external audit.

Task 4: Describe the procedures and tests conducted during the external audit process.

Task 5: List any 4 key weaknesses / vulnerabilities you found during your external audit.