The Study of Different IT Audit Methodologies

Author

Alexa Cassidy, University at Albany, State University of New YorkFollow

Date of Award

Summer 2024

Embargo Period

8-1-2024

Document Type

Master's Thesis

Degree Name

Master of Science (MS)

College/School/Department

College of Emergency Preparedness, Homeland Security and Cybersecurity

Program

Digital Forensics and Cybersecurity

First Advisor

Omer Keskin

Subject Categories

Library and Information Science

Abstract

This thesis delves into the obstacles organizations and tiny businesses encounter when conducting security audits of their networks. It addresses critical challenges relating to these audits' cost, time, and resources. The study thoroughly examines the audit process, elucidating its strengths and weaknesses, the available tools, and the pertinent laws and frameworks necessary for ensuring compliance. It specifically focuses on small businesses' approach to conducting these audits and the specific hurdles they face. The findings spotlight two primary audit methodologies, technical and regulatory, which scrutinize data security, network security, and physical security within a business. The thesis elaborates on tools such as John the Ripper, Sprinto, and iAuditor in conducting audits. Furthermore, it analyzes the impact of these audits on small businesses, how businesses tailor the audit processes to their requirements, and the challenges, including cost implications, they encounter.

License

This work is licensed under the University at Albany Standard Author Agreement.

Recommended Citation

Cassidy, Alexa, "The Study of Different IT Audit Methodologies" (2024). Electronic Theses & Dissertations (2024 - present). 27.
https://scholarsarchive.library.albany.edu/etd/27