Reference no: EM13949798
Question:
Case Study 1: Mitigating Cloud Computing Risks
Imagine you are an Information Security Manager in a medium-sized organization. Your CIO has asked you to prepare a case analysis report and presentation on establishing internal controls in cloud computing. The CIO has seen several resources online which discuss the security risks related to Cloud based computing and storage. One that stood out was located at https://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/Cloud-Computing-Risk-Assessment-A-Case-Study.aspx. You are being asked to summarize the information you can find on the Internet and other sources that are available. Moving forward, the CIO wants to have a firm grasp of the benefits and risks associated with public, private, and hybrid cloud usage. There is also concern over how these systems, if they were in place, should be monitored to ensure not only proper usage, but also that none of these systems or their data have been compromised.
Write a three to four (3-4) page paper in which you:
Provide a summary analysis of the most recent research that is available in this area.
Examine the risks and vulnerabilities associated with public clouds, private clouds, and hybrids. Include primary examples applicable from the case studies you previously reviewed.
Suggest key controls that organizations could implement to mitigate these risks and vulnerabilities.
Develop a list of IT audit tasks that address a cloud computing environment based on the results from the analysis of the case studies, the risks and vulnerabilities, and the mitigation controls.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe the process of performing effective information technology audits and general controls.
Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.
Use technology and information resources to research issues in information technology audit and control.
Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions
|
Calculating how long customer waiting time will in seconds
: Using a single-server queuing system with Poisson arrivals of 10 units per hour and a constant service time of 2 minutes per unit. How do I go about calculating how long the customer waiting time will be in seconds, on average?
|
|
Compute gross revenues by month and region
: Create a new worksheet in the database to compute gross revenues by month and region, as well as world-wide totals, for each product using the data in Mower Unit Sales and Tractor Unit Sales
|
|
Determine the mass flow rate
: Air enters a one-inlet, one-exit control volume at 6 bar, 500 K, and 30 m/s through a flow area of 28 cm2. At the exit, the pressure is 3 bar, the temperature is 456.5 K, and the velocity is 300 m/s. The air behaves as an ideal gas. For steady-sta..
|
|
Significant areas of audit planning and risk assessment
: One of the most significant areas of audit planning and risk assessment is to become expertly knowledgeable about the industry or industries that the audit client operates in. This may involve multiple SBU's (Strategic Business Units).
|
|
Develop a list of it audit tasks
: Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.
|
|
How to set title criteria for more than one title position
: I am having a problem with criteria range. I do not know how to set two different criterias in one column. I need to ADVANCE FILTER all of the Clerks (1 and 2) and the Sect. 1 workers who make more than $5.50/hr
|
|
What effect would davids actions have on quality of bolts
: Explain why David stopped inspections on the bolts and reassigned inspectors to production and materials handling. What likely effect would David's actions have on the quality of the bolts?
|
|
Operator of a pumper-tanker fire engine
: 1. How does the operator of a pumper-tanker fire engine control water flow to all the hoses in use? 2. For air flowing through a converging-diverging channel, sketch the variation of the air pressure as air accelerates in the converging section and..
|
|
Control volume energy rate balance
: 1. How does the control volume energy rate balance account for work where mass flows across the boundary? 2. Why does the relative velocity normal to the flow boundary, Vn, appear in Eqs. 4.3 and 4.8?
|