An IT audit is the examination and evaluation of an organization’s information technology infrastructure, policies and operations. … The primary objectives of an IT audit include: Evaluate the systems and processes in place that secure company data.
IT Audit Quesnier:
1.Network
What is the status of your network? Windows or Linux?
What are your network connection speeds?
Do you have fiber or Ethernet 10/100/1000?
If fiber, what areas are serviced?
Do you have these mapped in a digital file or in blueprints?
What are the firewall speeds?
Does your Firewall have VPN capability?
Does your Firewall have DMZ capability?
Does your Firewall have site-to-site capability?
Is your Firewall Stateful?
Are you able to do IPSEC or PPTP?
What is your incoming bandwidth?
What is your outgoing bandwidth?
Has your bandwidth spiked to 80% or more in the past 3 months?
Are your switches gigabit or higher?
Do you have an active directory and domain?
How many domains are used in your network? Will the Lucity servers use different domains than the users?
Do you have ADFS or an Identity Store like BigIP?
Do you have a server room?
Are your servers on railed racks?
Do you have VOIP phones configured for both data and voice connections to laptops/workstations?
What is the speed of the phones? 100mbit or 1000mbit?
Do you use load balancing on your web servers like BigIP F5?
2.Software
Do you use SQL Server?
Do you have Crystal Reports Enterprise Server?
Is your RDBMS dedicated?
Is your RDBMS hosting other databases and/or applications?
What are the specifications of the user workstations (mainly CPU, RAM)?
3.Server
Do the servers reside in the same domain and/or switch?
Are you running SAS, SATA, Fiber, or SCSI on your database server/s?
What is the RAID configuration on your database servers?
How many CPUs on the database servers?
How much RAM is on your database server/s?
How old are your database server/s?
4.Backups
Do you have Tape, HDD, or offsite backup equipment?
If tapes, what type of tapes.
If HDD, how much storage? What is the capacity?
What type of devices do you have?
What are the backup routines?
What is the longevity of the backup?
Is there a reuse policy?
When are the full backups?
When are the incremental backups?
Is there a secondary failsafe system offsite?
Do you back up the OS or the entire client PC, Laptop or mobile device? Snapshot backup