Auditing Windows operating systems
Dalton, Walton, & Carlton, Inc. has a complex IT infrastructure that requires auditing to increase its security and efficiency. The first step I would take when auditing the company’s Windows Operating System is to obtain the system information and the service pack version and compare that information with the policy requirements. Policies are established to make the working environment more secure, manageable and auditable (Davis, Schiller & Wheeler, 2011). If the Windows Operating System is not genuine, I would install a genuine and validated version of the Windows Operating System in order to increase security. This is because the company’s systems are vulnerable to hacking, fraud and data loss from the high number of employees using them. I would use built-in command-line tools, the Graphical User Interface (GUI), and the registry to obtain the basic configuration of the company’s systems. As advocated by Champlain (2003), I would use the Sysinternals tool psinfo and the local tool systeminfo to retrieve the configuration information. Thereafter, I would compare the results with the organization’s policies and requirements to ensure the Windows Operating System aligns with the policy provisions.
The second step I would follow when auditing the company’s Windows Operating System would be to determine whether the server is running the company-provisioned firewall. Failure to use a firewall subjects the IT systems to network attacks from viruses, malware and intentional interference from disgruntled staff (Hoelzer, 2009). Currently the company does not update its antivirus software automatically. I would ensure that a genuinely licensed antivirus that updates regularly is properly installed. This protects the systems from intentional and/or accidental damage, loss of data and viral attacks. I would then check the processes on the system to verify that the company's firewall is correctly installed and running. I would execute this check by running the Sysinternals tool pslist on the system and searching for the appropriate running process by specifying the process I want to find. In addition, I need to secure crucial company information on a limited number of computers and control access to them.
Auditing UNIX & Linux Operating Systems
When auditing the systems running on UNIX and Linux operating systems, I would first evaluate the procedures for creating Linux or UNIX user accounts and confirm that existing accounts are in place only where there is a legitimate business need. In the case of Dalton, Walton, & Carlton, Inc., there is a definite need to use UNIX or Linux operating systems to reduce the chances of viral or malware attacks destroying crucial company information. Linux operating systems have been proven to withstand viral and malware attacks better than other operating systems (Siever, 2009). I would then remove user accounts that pose a threat and/or are irrelevant to the company. Such accounts include those of employees whose contracts with the company have been terminated. This ensures that no employee has access to the company’s systems once they leave.
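The account review described above, as an added example that is not part of the original essay: a shell function that compares a passwd-format file against a roster of approved accounts and reports the ones an auditor should follow up. The roster file format, the finding labels, the sample accounts and the UID 1000 threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original essay). Assumptions are marked.

# audit_accounts PASSWD_FILE ROSTER_FILE
#   PASSWD_FILE  passwd(5)-format file, e.g. a copy of /etc/passwd
#   ROSTER_FILE  hypothetical HR/IT export: "username:status" per line,
#                status = active | terminated
# Prints "<FINDING> <username>" for each account needing follow-up.
audit_accounts() {
    awk -F: -v min_uid=1000 '   # 1000 = assumed first regular-user UID
        # First operand is the roster: remember each approved user status.
        FILENAME == ARGV[1] {
            if ($1 != "" && $1 !~ /^#/) hr[$1] = $2
            next
        }
        {
            user = $1; uid = $3 + 0; shell = $7
            if (user == "root") next
            # A second UID 0 account is root-equivalent, whatever its name.
            if (uid == 0) { print "EXTRA_UID0 " user; next }
            # Skip system accounts and accounts with no login shell.
            if (uid < min_uid || shell ~ /(nologin|false)$/) next
            if (!(user in hr))                 print "UNAPPROVED " user
            else if (hr[user] == "terminated") print "TERMINATED " user
        }
    ' "$2" "$1"
}

# Constructed sample data (not real accounts).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
asmith:x:1001:1001:A Smith:/home/asmith:/bin/bash
bjones:x:1002:1002:B Jones:/home/bjones:/bin/bash
ckhan:x:1003:1003:C Khan:/home/ckhan:/bin/bash
svcbackup:x:1004:1004:backup job:/home/svcbackup:/usr/sbin/nologin
toor:x:0:0:alt root:/root:/bin/sh
EOF
cat > "$tmp/roster" <<'EOF'
asmith:active
bjones:terminated
EOF
audit_accounts "$tmp/passwd" "$tmp/roster"
```

Each finding is a prompt for review against the account-creation procedure, not an automatic deletion list.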
References
Champlain, J. J. (2003). Auditing information systems (2nd ed.). Hoboken, N.J.: John Wiley.
Davis, C., Schiller, M., & Wheeler, K. (2011). IT auditing: using controls to protect information assets (2nd ed.). New York: McGraw-Hill.
Hoelzer, D. (2009). Audit Principles, Risk Assessment & Effective Reporting. SANS Press.
Siever, E. (2009). Linux in a nutshell: a desktop quick reference (6th ed.). Beijing: O'Reilly.