Question 1. Describe the relevance of risk management within the IT infrastructure auditing process.

Your response must be at least 75 words in length

Question 2. List at least three components of an IT audit that are documented. Describe the purpose and value of documenting each of the components to the IT audit.

Your response must be at least 75 words in length.

Question 3. What is involved in documenting and assessing an organization’s IT security for the creation of effective policies and controls?

Your response must be at least 75 words in length.

Question 4. Compare and contrast a descriptive control framework versus a prescriptive control framework. Why are these types of frameworks important in IT auditing? Provide an example not included in your textbook.

Your response must be at least 75 words in length.

Each question is separate, this is not a paper or essay.