Voice Over Internet Protocol (VoIP) Audit/Assurance Program

13m
ISACA
ISACA
2012

IT audit and assurance professionals are expected to customize this document to the environment in which they are performing an assurance process. This document is to be used as a review tool and starting point. It may be modified by the IT audit and assurance prof essional; it is not intended to be a checklist or questionnaire. It is assumed that the IT audit and assurance professional has the necessary subject matter expertise required to conduct the work and is supervised by a professional with the Certified Information Systems Auditor (CISA) designation and/or necessary subject matter expertise to adequately review the work performed.

A typical VoIP network comprises a complex series of cooperating protocols, networks (wireless and wired), servers, security architectures, special services (such as E-911), backup and recovery systems, and interfaces to the PSTN.

During the audit planning process, the auditor must determine the scope of the audit. Depending on the specific implementation, this may include:

Evaluation of governance, policies and oversight relating to VoIP
Data classification policies and management
The appropriate VoIP business case, actual deployment or upgrade processes, strategy and implementation controls
Technical architecture(s), including security systems, multiple platforms (different vendors which supply and/or support VoIP), interfaces with data networks, backup and recovery, data retention and destruction policy, and technology
Assessments of IT infrastructure and personnel to support the VoIP architecture(s)
Baseline configurations of deployed hardware and software
Issues related to decentralized VoIP servers
Issues related to failover clustering, where appropriate

In this Book

Voice-over Internet Protocol (VoIP) Audit/Assurance Program
Introduction
Using This Document
Assurance and Control Framework
Executive Summary of Audit/Assurance Focus
Audit/Assurance Program
Maturity Assessment
VoIP Threat Taxonomy
Separation of Data and VoIP VLANs (Schematic)
References

FREE ACCESS

Course Certified in Cybersecurity (CC): Security Governance, Policies, & Controls

(123)

Course CCSP 2022: Operational Controls & Standards

(84)

Course CompTIA Cybersecurity Analyst+: Hardening Techniques

(2)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

Voice Over Internet Protocol (VoIP) Audit/Assurance Program

In this Book

YOU MIGHT ALSO LIKE