Exercise Chapter 15 1. Your organization is performing an evaluation of security tools to be used to provide protection for your company intranet from unauthorized use by employees and outside intruders. Write a list of evaluation criteria for security software and hardware to be used, including client software, server software, network software, and firewall hardware and software. 2. You have been asked to audit your company security plan as it applies to acceptable employee use of the internet and email. Write a preliminary audit plan; include scope, objectives and audit steps. 3. Your organization has recently developed criteria for a risk management program. One goal of the program is to determine the adequacy and effectiveness of the company IT insurance coverage. Describe how an effective risk management program can enable a more cost effective use of IT insurance.