User Account

All Pages

Create a report for company that identifies key components

Assignment Help Computer Engineering
Reference no: EM133573065

Report Assignment

You have been hired to help a small retail company with their risk management program. Below are some specifics about the company:

A. The company consists of 30 employees spread across 3 locations in Denver (USA), Quebec City (Canada), and Nice (France).

B. The company has retail locations in Denver and Nice along with an online presence (serving the US, Canada, and Europe). A small product design team is located in Quebec City.

C. The three locations are connected to each other via VPN connections using the Internet. The main hardware (very small data center) is located in the Denver office. They do not currently have a backup/redundant data center.

D. The company currently has 2 full time IT professionals (Denver and Nice). These professionals would be responsible for managing the company's IT risk management program.

E. The company is required to comply with PCI-DSS, California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), and the Personal Information Protection and Electronic Documents Act (PIPEDA)

Your task is to create a report for the company that identifies some of the key components of risk management and addresses their current concerns. Take into account the items above, along with the concerns identified below:

A. Risk management is fairly new to the company, make sure to fully define/describe the concepts the rubric is looking for.

B. Create a risk register using the 3 risks below and include the following information:

1. Risk Description: Information about the risk itself, including relevant threats, vulnerabilities, and consequences

2. Affected Assets: Information about assets or asset groups that are affected by the risk (you can generalize this somewhat as you don't have many specific details)

3. Risk Score: Information about the probability and impact of threat occurrence, expressed in qualitative terms (Low - Medium - High)

4. Risk treatment Analysis: Information about the potential impact of various risk treatment options

5. Risk Treatment: Information of risk treatment you suggest the company should implement and why (citing other companies/examples can help with this)

Three risks have been identified by the company as pressing issues:

I. Potential for a data breach of sensitive customer information located on various (electronic) company resources.

II. Potential for a disruption to the physical retail locations where customers would not be able to visit or make purchases from these 2 locations.

III. Potential for a catastrophic disruption at the Denver location which would render the data center unavailable, causing an interruption to all locations, including the online presence.

C. The company has noticed an increase in phishing emails and is worried about malware. Using the scenario of malware install via a phishing email, create an incident response playbook by using the phases/steps of security incident response (chapter 5) describing what each phase is and the activities that would occur for the company in this scenario.

D. Some aspects of a full risk management program may be out of the scope/knowledge for the company to manage internally. Research 3 companies that provide IT risk management/security program management services that can assist the company. Make sure to include for each:

1. Company name, location, website (should be in the US as that is where the main company data center is located)

2. Summary of services provided

3. Reason why you are proposing this company as an option (can include current customers to help validate)

Reference no: EM133573065

Questions Cloud

Discuss the pros and cons of vertical integration : Discuss the pros and cons of vertical integration. How does the structure of an industry drive the need for vertical integration?
Describe the internal organisational information : Briefly describe the difference between internal organisational information and external organisational information needs. Provide two (2) examples of each.
What might have been a better way for them to deal : What might have been a better way for them to deal with the Christians who, for their monotheistic faith, refused to worship Roman gods?
What are the potential hazards involved : what are the potential hazards involved, i.e. the hazards present prior to the incident occurring? Are the risks identified above acceptable in our company
Create a report for company that identifies key components : Your task is to create a report for the company that identifies some of the key components of risk management and addresses their current concerns.
What were some of the reasons for these qualifiers : concerning citizenship and identity during this period - who was considered "American" and who was not? What were some of the reasons for these qualifiers
Explain state actions and other developments : What is less clear is the ways in which realism might explain state actions and other developments during the interwar period
What is the impact of it on their operations strategy : How people's connections at Toyota are different from other companies? What is the impact of it on their operations strategy? Explain.
What aspect of environment was undermining directoss efforts : A new nursing director wanted to change some policies but encountered pushback from employees who wanted to keep things the way they had always been done.

Reviews

Write a Review

Computer Engineering Questions & Answers

  Expand or contract the number of phases

What is the Software/System Development Life Cycle (SDLC) and can we expand or contract the number of phases depending on the particular project?

  Importance of stakeholder engagement in policy making

discussed importance of stakeholder engagement in policy making. The author presented several benefits-analysis of five cases in which stakeholder engagement

  Identify all the attributes for the employee class

Identify all the attributes for the Employee class. Identify all the set and get methods for each of the attributes identified in 1.b.

  ITNET309A Computer and Network Forensics Assignment

ITNET309A Computer and Network Forensics Assignment Help and Solution, TAFE NSW - Assessment Writing Service - discuss the precautions and considerations

  Compare different intel processors in android devices

Compare and contrast the different Intel processors in Android phone and tablets. Practice converting between decimal and binary.

  How large a problem can be solved in 1 second using an algo

Determine how large a problem can be solved in 1 second using an algorithm that requires f(n) operations, where each operation is carried out.

  What do you think lencioni is trying to teach about power

Do you agree with Lencioni and his findings on humility as one of the most important attributes? Moreover, what do you think Lencioni is trying to teach about

  Determine the initial project management roles of each team

Determine the initial project management roles of each team member (assume a team size of 6-8) on the IT project team for planning, designing, and installing

  Why does a security professional need to understand

Why does a security professional need to understand anti-disassembly? Please explain and reference

  How technology can help your business

Learning the terms, acronyms, and technologies of your business is imperative when trying to understand how technology can help your business

  Questionthere are eight cars in every team called chevy and

questionthere are eight cars in every team called chevy and ford. one car from each team races its opponent on drag

  Explain the need for data security and social engineering

The WFH phenomena has been growing at a rapid pace and accelerated due to the pandemic. In the first part of the paper define and explain the need for data

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd