This memo documents low-risk opportunities in the network infrastructure environment identified during an internal audit review and meant for management’s information and consideration only.

In this sample, internal audit has completed a review of the internal and external network infrastructure environments. Internal audit noted other opportunities for enhancing controls, which do not rise to a level of risk sufficient to necessitate management action. No management action plans are necessary for the items that relate to the following: network security device review, disaster recovery network capacity, firewall administration backup, disaster recovery planning, internet filtering and IP addressing.