The vulnerabilities and risk of an information system

Reference no: EM132146834

Assessing Information System Vulnerabilities and Risk

The security posture of an organization's information systems infrastructure (including software, hardware, firmware components, governance policies, and implementation of security controls) should be regularly monitored and assessed.

The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements that are sure to follow in order to stay in step with ever-changing information system technologies.

The data breach at the Office of Personnel Management (OPM) is one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector.

Lapses in some critical security practices, such as a lack of diligence in applying security controls and in managing changes to the information systems infrastructure, were cited as contributors to the massive data breach in the OPM Office of the Inspector General's (OIG) Final Audit Report, which can be found in open source searches.

Some of the findings in the report include: weak authentication mechanisms; lack of a plan for life-cycle management of the information systems; lack of a configuration management and change management plan; lack of inventory of systems, servers, databases, and network devices; lack of mature vulnerability scanning tools; lack of valid authorizations for many systems; and lack of plans of action to remedy the findings of previous audits.

The breach ultimately resulted in removal of OPM's top leadership. The impact of the breach on the livelihoods of millions of people is ongoing and may never be fully known. There is a critical need for security programs that can assess vulnerabilities and provide mitigations.

There are nine steps that will help you create your final deliverables.

The deliverables for this project are as follows:

Security Assessment Report (SAR): This should be an 8-10 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

Risk Assessment Report (RAR): This report should be a 5-6 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd