The project aims to provide undergraduate students enrolled in the Information Security, Governance, Auditing & Control course with practical exposure to conducting an Information Security Assessment or an IT Audit. Over a duration of four weeks, students will apply their classroom knowledge to assess an organization's security posture, identify potential threats and vulnerabilities, evaluate existing security controls, and recommend improvements to strengthen information security governance. The project may involve tasks such as performing IT General Controls (ITGC) testing, reviewing governance frameworks, and contributing to broader audit processes based on the organization's needs. This hands-on experience will enable students to develop a practical understanding of IT audit methodologies, risk management practices, and regulatory compliance, bridging the gap between theoretical knowledge and real-world application. By participating in this project, students will enhance their analytical, assessment, and reporting skills while gaining valuable insights into corporate information security practices.

The expected project outcomes are to provide students with practical experience in conducting an Information Security Assessment or IT Audit, allowing them to apply their classroom knowledge in a real-world organizational context. Students will engage in assessing the organization's security posture, identifying risks and vulnerabilities, and recommending improvements to enhance information security governance. The key deliverables include :

1. Project Plan outlining the scope and approach
2. Risk Assessment Report detailing identified risks and gaps
3. Recommendations Report with practical improvement suggestions
4. Presentation (PowerPoint) summarizing their findings

These deliverables will demonstrate their ability to conduct a professional IT audit and provide actionable insights to the organization.