Reference no: EM13774059
Part A
Q 1,
Based on the Ledford (2010) article, what special issues must be considered for corporate data which is not fully digitized? What are the risks associated with the loss of this data? What recovery procedures do you recommend for these situations?,
Q 2,
Based on the Barr, J. (2010) article, what special issues must be addressed for a risk management strategy that supports user-facing Web-based systems? What are the risks associated with disruption of these systems?,
Q 1,
Based on the Keston (2008) article, how important is enterprise identity management for reducing risk throughout the enterprise? Explain why a viable risk management strategy must include, at a minimum, a solid enterprise identity management process.,
Q 2,
Based on the Barr (2010) article, what software must be considered to provide adequate security management across the enterprise?,
Part B
Individual Assignment Huffman Trucking Security Risks,
Prepare a 3- to 5-page paper describing the considerations necessary to address the possible security requirements and the possible risks associated with the Benefits Elections Systems being requested by the Service Request, SR-HT-001 for Huffman Trucking Company.,
Q 1,
Based on the Barr (2009) article, do you think the private sector must employ something similar to the Federal Government's Continuity of Operations Process (COOP) as an integral part of their enterprise risk management plan? What are the major issues to consider?,
Q 2,
Based on the Spring (2010) article, do you think the Federal Information Security Management Act (FISMA) might provide the basis for a standard framework for enterprise risk management adaptable to the private sector? What are the major issues to consider?,
Part C
Individual Assignment Security Monitoring Tools (Huffman Trucking),
Prepare a 3- to 5-page paper describing the security monitoring activities that should be conducted in an organization with both internal IT (payroll, human resources, inventory, general ledger, and so on) and e-commerce (Internet sales and marketing) applications. The paper will include the rationale supporting each monitoringactivity you propose and any recommended course of action to be taken when a significant risk is identified.
Q 1,
Based on the Ainsworth (2009) article, might an effective risk management plan be considered a process that may restore all systems, businesses, processes, facilities, and people? What are the major issues to consider?
Ainsworth, M. (2009). The business continuity planning process. Faulkner Information Services.,
Q 2,
Based on the Barr (2007) article, what changes would you recommend for the Information Security Forum's 2007 Standard? Which of these changes must be incorporated into the enterprise's risk management plan?,
Barr, J. G. (2007). The standard of good practice for information security. Faulkner Information Services.,
Part D
Individual Assignment Huffman Trucking Outsourcing Risks,
Prepare a 3- to 5-page paper that identifies the possible risks to an organization in each of the following outsourcing situations:
a) the use of an external service provider for your data storage;
b) the use of an enterprise service provider for processing information systems applications such as a payroll, human resources, or sales order taking;
c) the use of a vendor to support your desktop computers; and
d) the use of a vendor to provide network support. The paper will include a risk mitigation strategy for each situation. One mitigation strategy, because of personnel and facility limitations, cannot be proposed in the paper, because it eliminates the outsourcing by bringing the situation in house.
Q 1,
Based on the Drumheller (2010) article, do you consider conducting an information security gap analysis on a regular basis an essential best practice for ensuring enterprise risk management? What are the major factors to consider when conducting an information security gap analysis?
Drumheller, R. (2010). Conducting an information security gap analysis. Faulkner Information Services.,
Q 2,
Based on the Shaw (2009) article, why would you consider deploying an Intrusion Protection System (IPS) over an Intrusion Detection System (IDS) to enhance enterprise risk management? What are the major factors to consider when employing this technology?
Shaw, R. (2009). Intrusion prevention systems market trends. Faulkner Information Services.,
Learning Team Assignment Risk Assessment Paper,
Finalize and submit the risk assessment.,
CMGT 442 Week 5 Learning Team Assignment Risk Assessment Presentation,
Finalize and submit the Microsoft® PowerPoint® presentation.,