Scenario: You are a consultant who has been hired by the CEO of a small to mid size company to determine which controls in NIST SP 800-53 Rev.4 Appendix F are applicable to the companys operations and whether they csn be monitored in some way utilizing Open- AudIT.
You will need to
1. Determine which controls NIST publication are applicable to the company
2. "Match" the features of Open-AudIT to the controls
3. Present your findings and recommendations to the CEO in a written report
Scenario: You are a consultant who has been hired by the Chief Executive Officer (CEO) of a small to mid-size company to determine which controls in NIST SP 800-53 Rev.4 Appendix F are applicable to the company's operations and whether they can be monitored in some way utilizing Open-AudIT. To complete this assignment, you will need to: 1. Complete this week's lab to familiarize yourself with Open-AudIT's features and capabilities. (TIP: You should be aware of the difference between the Community and Pro editions. If you are using the Community Edition, you are able to view, but not use, the features that are available to Pro and other editions.) 2. Determine which controls in the NIST publication are applicable to the company. (TIP: To make this easier, select a company that you are familiar with and use your knowledge of that company's operations to determine which controls are needed to ensure the integrity of the company's information technology products/systems. Complete the assignment as if you were hired as a consultant to the CEO for that company.) 3. "Match" the features of Open-Audit to the controls. 4. Present your findings and recommendations to the CEO in a written report. (TIP: When you discuss Open-Audit in your report, be sure to specify the version.) NOTE: There are no length requirements for this assignment nor are there any requirements that you address each and every individual control in the NIST publication. You are to use your best judgment when it comes to how much detail you provide the CEO with respect to the controls/operations and whether Open-Audit will meet the organization's needs. If you are wondering whether you have written too much or too little place yourself in the CEO role and ask, "Would I be able to make an informed decision based on this report? Scenario: You are a consultant who has been hired by the Chief Executive Officer (CEO) of a small to mid-size company to determine which controls in NIST SP 800-53 Rev.4 Appendix F are applicable to the company's operations and whether they can be monitored in some way utilizing Open-AudIT. To complete this assignment, you will need to: 1. Complete this week's lab to familiarize yourself with Open-AudIT's features and capabilities. (TIP: You should be aware of the difference between the Community and Pro editions. If you are using the Community Edition, you are able to view, but not use, the features that are available to Pro and other editions.) 2. Determine which controls in the NIST publication are applicable to the company. (TIP: To make this easier, select a company that you are familiar with and use your knowledge of that company's operations to determine which controls are needed to ensure the integrity of the company's information technology products/systems. Complete the assignment as if you were hired as a consultant to the CEO for that company.) 3. "Match" the features of Open-Audit to the controls. 4. Present your findings and recommendations to the CEO in a written report. (TIP: When you discuss Open-Audit in your report, be sure to specify the version.) NOTE: There are no length requirements for this assignment nor are there any requirements that you address each and every individual control in the NIST publication. You are to use your best judgment when it comes to how much detail you provide the CEO with respect to the controls/operations and whether Open-Audit will meet the organization's needs. If you are wondering whether you have written too much or too little place yourself in the CEO role and ask, "Would I be able to make an informed decision based on this report
