Must be done in Microsoft WordUnit 1 You work for a consulting company that performs audits of a company’s IT infrastructure. Your company has been contracted to audit the IT Infrastructure for LSS (LMJStar Services). You and your team were sent in to complete the audit. You determine that this will be the first review that LSS has conducted or been subjected to. An audit procedure needs to be established. Explain to LSS management your teams responsibilities and functions. Describe the steps that need to be followed to establish auditing functions for LSS. Describe the audit areas that would be applicable to your contracted audit. Describe which information systems would be considered part of the scope for the audit. Unit 2 To assist LSS, your contract has been expanded to also perform an access control audit. Describe the process needed to perform the audit. Discuss typical devices, or assets, and possible issues associated with auditing a typical network environment (including a database with health care information, an HR database and application, and call center workstations that access information considered to be private). List and describe at least 4 possible examples. Unit 3 You have been asked to develop an access control policy for LMJ-Star Services (LSS) based on your understanding of the sensitivity of financial data and health care data. Research access control policies, and tailor a policy specifically for LSS. Ensure that all appropriate sections of a formal policy are put in place. Discuss how this policy can be converted or interpreted into control in terms of an audit.