Auditing IT Infrastructures for Compliance



This course provides a unique, in-depth look at recent US-based information systems and IT infrastructure compliance laws in both the public and private sector. Written by industry experts, this course provides a comprehensive explanation of how to audit IT infrastructures for compliance based on the laws, and the need to protect and secure business and consumer privacy data.

In addition to premium instructional content from Jones & Bartlett Learning's comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to hands-on paper-based labs, case scenarios, and handouts, and eBook (via CourseSmart).


This course covers content within the following industry certification exams:

  • Certified Information Systems Security Professional (CISSP) - 'Telecommunications and Network Security' domain
  • Security + - 'Network Security' domain
  • Systems Security Certified Practitioner (SSCP) - 'Networks and Communications' domain.
  • 8570.01 - 'Network Security' domain


  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • Anyone making decisions about which information technology and cyber security products to use


General knowledge of networking and management information systems

Learning Objectives

  • Role of ISS compliance in relation to US compliance laws
  • Use of standards and frameworks in a compliance audit of an IT infrastructure
  • Components and basic requirements for creating an audit plan to support business and system considerations
  • Different parameters required to conduct and report on IT infrastructure audit for organizational compliance
  • Information security systems compliance requirements within the user domain
  • Information security systems compliance requirements within the workstation and LAN domains
  • Use an appropriate framework to implement ISS compliance within the LAN-to-WAN and WAN domains
  • Information security systems compliance requirements within the remote access domain
  • Information security systems compliance requirements within the system/application domain
  • Qualifications, ethics, and certification organizations for IT auditors

1. The Need for Compliance

  • The Need for Information Systems Security Compliance
  • Overview of US Compliancy Laws
  • What Is the Scope of an IT Audit for Compliance?

2. Auditing for Compliance: Frameworks, Tools, and Techniques

  • Auditing Standards and Frameworks
  • Planning an IT Infrastructure Audit for Compliance
  • Conducting an IT Infrastructure Audit for Compliance
  • Writing the IT Infrastructure Audit Report
  • Compliance within the User Domain
  • Compliance within the Workstation Domain
  • Compliance within the LAN Domain
  • Compliance within the LAN-to-WAN Domain
  • Compliance within the WAN Domain
  • Compliance within the Remote Access Domain
  • Compliance within the System/Application Domain

3. Ethics, Education, and Certification for IT Auditors