User Account

All Pages

Was the employee justified in taking home official data

Assignment Help Management Information Sys
Reference no: EM132151199

Lab #1 - Assessment Worksheet

LAB # 1 : Creating an IT Infrastructure Asset List and Identifying Where Privacy Data Resides

Overview: In this lab, you created an IT asset/inventory checklist organized within the seven domains of a typical IT infrastructure, you performed an asset identification and classification exercise, you explained how a data classification standard is linked to customer privacy data and security controls, and you identified where privacy data resides and what security controls are needed to maintain compliance.

Lab Assessment Questions

1. What is the purpose of identifying IT assets and inventory?

2. What is the purpose of an asset classification?

3. Why might an organization's Web site classification be minor, but its e-commerce server be considered critical for your scenario?

4. Why would you classify customer privacy data and intellectual property assets as critical?

5. What are some examples of security controls for recent compliance law requirements?

6. How can a data classification standard help with asset classification?

7. Given the importance of a Master SQL database that houses customer privacy data and intellectual property assets, what security controls and security countermeasures can you apply to help protect these assets?

8. From a legal and liability perspective, what recommendations do you have for ensuring the confidentiality of customer privacy data throughout the Mock IT infrastructure?

9. What can your organization document and implement to help mitigate the risks, threats, and liabilities typically found in an IT infrastructure?

10. True or false: Organizations under recent compliancy laws, such as HIPAA and the Gramm-Leach-Bliley Act (GLBA), are mandated to have documented IT security policies, standards, procedures, and guidelines.

11. Why is it important to identify where privacy data resides throughout your IT infrastructure?

Lab #2 - Assessment Worksheet

Case Study on U.S. Veterans Affairs and Loss of Privacy Information

Overview: In this lab, you reviewed a real-world case study that involved the loss of privacy information, and you analyzed what violations occurred, the implications of those violations, and the possible mitigation remedies that could prevent future violations.

Lab Assessment Questions & Answers

1. What is the difference between privacy law and information systems security? How are they related?

2. Was the employee justified in taking home official data? Why or why not?

3. What are the possible consequences associated with the data loss?

4. Regarding the loss of privacy data, was there any data containing protected health information (PHI) making this a Health Insurance Portability and Accountability Act (HIPAA)compliance violation?

5. What action can the agency take against the employee concerned?

6. Would the response of the agency have been different had the data theft occurred at work instead of happening at the employee's residence? Why or why not?

7. Why were the VA data analyst's two supervisors reprimanded and demoted by the VA secretary? Do you think this was justified? Why or why not?

8. What was violated in this data breach?

9. If the database had been encrypted because of VA policy, would this data loss issue even have been an issue? Why or why not?

10. What risk mitigation or security control recommendations would you suggest to prevent this from occurring again?

11. What information systems security and privacy security policies do you think would help mitigate this breach and loss of privacy data?

12. What or who was the weakest link in this chain of security and protection of privacy data?

13. If the VA had performed a security and information assurance audit for compliance, what could the VA do on an annual basis to help mitigate this type of loose policy conformance?

14. True or false: U.S. taxpayers ended up paying for this VA security breach, notifications, and post-mortem damage control.

15. Which organization in the U.S. federal government is responsible for performing audits on other U.S. federal government agencies? (Hint: It is also known as the "Congressional Watchdog.")

Reference no: EM132151199

Questions Cloud

Describe the purpose of database : We are ask to write in our own word. 1, Describe the purpose of Database. 2, Describe the entities of database and attribute of each entity.
Applications that support business objectives : What are the different types of wireless signals and how they are used in applications that support business objectives.
What amount will be required to purchase : What amount will be required to purchase, on an engineer's 40th birthday, an annuity to provide him with 30 equal semiannual payments of $1000 each.
Sense of community support and outreach : Servant Leader Behaviors foster this sense of community support and outreach.
Was the employee justified in taking home official data : What can your organization document and implement to help mitigate the risks, threats, and liabilities typically found in an IT infrastructure?
Difference between conceptual and operating talent : He described the difference between conceptual and operating talent and discussed the challenges of large businesses, universities, and growing edge churches.
What are evidenced reasons behind the interventions : What kind of INTERVENTIONS would you provide for this population in accordance with the unique framework of each perspective?
Securing data and equipment : A physical breach has more potential for occur than an electronic breach because people are careless with securing data and equipment. Do you agree?
Calculate the labor productivity for each event : The week before, nine workers prepared and served 230 meals at a wedding reception. a1. Calculate the labor productivity for each event.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd