User Account

All Pages

What information and business operations need to protected

Assignment Help Management Information Sys
Reference no: EM131214581

Corporate Profile Part 1: Buyer Profile

For this paper, you will research and construct a corporate profile for a publicly-traded company which operates in cyberspace and therefore has a need for cybersecurity products and services.A list of approved companiesappears at the end of this assignment description. If you wish to use acompany not on the approved list you must first obtain the approval of your instructor.

Research

1. Review the company's website to learn about the products and services which it sells.

2. Retrieve and review the Hoovers profile for the company. The company profile web pages are interactive and have expanding menus / options (see figure below). You may find it helpful to use the "Print Quick Report" menu item under My Tools.https://ezproxy.umuc.edu/login?url=https://www.mergentonline.com/Hoovers

3. Download and review a copy of the company's most recent Annual Report to Investors from its Form 10-K filing with the United States Securities and Exchange Commission.(Note: the company is the author of its Form 10-K. Do not list the SEC as the author.)

4. Identify 3 or more additional sources of information about the company and how it operates in cyberspace. These can be news articles, data breach reports, etc.

5. Using the information obtained from your sources, identify the types of information and business operations which drive this company's need for cybersecurity products and services. (What needs to be protected?)

6. Using the course readings and other materials, develop a "Buying Forecast" for likely purchases by this company for cybersecurity related products and services.

Write

1. An introduction section which identifies the company being discussed and includes a brief overview of the company including when it was founded and significant events in its history.

2. An overviewof the company's operations which summarizes information obtained from its annual report, the Hoovers profile for the company, and other sources which you found in your research. This information should include: headquarters location, key personnel, primary types of business activities and locations, major products or services sold by the company, major competitors, stock information (including ticker symbol or NASDAQ code), recent financial performance, and additional relevant information from the business profiles.

3. A separate section in which you describe this company's needs or requirements for cybersecurity. What information and/or business operations need to be protected?

4. A separate "Buying Forecast" section in which you discuss the company's likely future purchases for cybersecurity products and services. In this section, you should identify and discuss three or more categories of cybersecurity products or services which this company is likely to purchase.

Yourthree to five page Buyer Profile is to be prepared using basic APA formatting (including title page and reference list)and submitted as an MS Word attachment to the Corporate Profile Part 1 entry in your assignments folder. See the sample paper and paper template provided in Course Resources > APA Resources for formatting examples.Consult the grading rubric for specific content and formatting requirements for this assignment.

Corporate Profile Part 2: Cybersecurity Risk Profile

For this paper, you will construct a cybersecurityrisk profile for the company that you wrote about in Part 1 of the Corporate Profile project. Your risk profile, which includes an Executive Summary, Risk Register, and Risk Mitigation Recommendations (Approach & Security Controls by family), will be developed from information provided by the company in its Form 10-K filing (Annual Report to Investors) retrieved from the U.S. Securities and Exchange Commission (SEC) Edgar database. You will also need to do additional research to identify security controls, products, and services which could be included in the company's risk response (actions it will take to manage cybersecurity related risk).

Research

1. Review the Risk section of the company's SEC Form 10-K. Develop a list of 5 or more specific cyberspace or cybersecurity related risks which the company included in its report to investors. Your list should include the source(s) of the risks and the potential impacts as identified by the company.

2. For each risk, identify the risk management or mitigation strategies which the company has implemented or plans to implement.

3. Next, use the control families listed in the NIST Special Publication 800-53 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdfto identify general categories of controls which could be used or added to the company's risk management strategy for each risk in your list.

4. For each control family, develop a description of how the company should implement these controls ("implementation approach") as part of its risk management strategy.

Write

1. Develop a 2 to 3 pageExecutive Summaryfrom your Corporate Profile Part 1 (reuse and/or improve upon the business profile). Your Executive Summary should provide an overview of the company, summarize its business operations, and discuss the sources, potential impacts, and mitigation approach/strategy for cybersecurity related risks identified in the company's annual report.The Executive Summary should appear at the beginning of your submission file.

2. Copy the Risk Register &Security Control Recommendations table (see template at the end of this assignment) to the end of the file that contains your Executive Summary.

3. Using the information you collected during your research, complete the table. Make sure that you include a name and description for each risk. For the security controls, make sure that you include the family name and a description of how each recommended control should be implemented (implementation approach). Include the control family only. Do not include individual security controls from NIST SP 800-53.

YourRisk Profile is to be prepared using basic APA formatting (including title page and reference list) and submitted as an MS Word attachment to the Corporate Profile Part 2 entry in your assignments folder. See the sample paper and paper template provided in Course Resources > APA Resources for formatting examples.Consult the grading rubric for specific content and formatting requirements for this assignment.

Note: for this assignment you will be preparing a very high level risk register. Preparing a fully developed risk register and risk profile is beyond the scope of this course.

Table 1. Risk Register &Risk Mitigation Approach with Recommended Security Controls

Risk Identifier

Description of the Risk &
Current Risk Management Strategy

Risk Mitigation Approach with
Recommended Security Controls (by NIST SP 800-53 family)

 

Sequence # or Brief title (<50 characters)

Must be from Form 10-K. Split complex risk statements into multiple individual risks.

Must list NIST Control Family (two character ID) as part of recommended mitigation

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  

 

 

 

  

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Attachment:- amazon_10-k_form.rar

Reference no: EM131214581

Questions Cloud

Helping developing nations improve growth rate : What role might foregin invetment play in helping developing nations improve their growth rate and increase income levels?
What is the maximum time-averaged power : What is the maximum time-averaged power that can be transmitted in the waveguide in the TE10 mode without exceeding the breakdown electric field intensity of 3 x 106 V/m in air
Calculate internal rate of return on the diagnostic machine : General Hospital is planning to add a new diagnostic machine which should improve its quality of certain blood tests. The machine under consideration has a cost of $61,044 and is expected to save the hospital $7,610 each year. The machine has an expe..
Were there any barriers that inhibited your ability : Were there any barriers or challenges that inhibited your ability to complete the assessment tool? How would you address these in the future or change your assessment to better address these challenges?
What information and business operations need to protected : A separate section in which you describe this company's needs or requirements for cybersecurity. What information and/or business operations need to be protected?
Discuss government monetary policy : Prepare a comprehensive brief for your minister on the tools of monetary policy. The brief is only preparation for your minister who is not an economist to participate in a meaningful meeting to discuss government monetary policy directives to th..
What is the average gain of the company per policy : An insurance company offers a policy for a $100,000 in the case of death during a calendar year for its young customers. The cost of the policy is $250. If a young customer does not survive a calendar year with probability 0.0017 what is the average ..
Minimize total cost of completing : Assume that you want to minimize your total cost of completing 1000 units of work. How manyworkers would you hire and how much would you pay each of them.
Describe how you could apply operant conditioning theory : Identify the target behavior and provide an operational definition. Describe how you could apply operant conditioning theory to create an evidence-based behavior modification to address Emma's behavior.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Definition of procurement and contract management

A research paper about the field of project management and how it relates to purchasing and supply management

  Network design and latency - what kind of testing program

Network Design and Latency - What kind of testing program (Prototype or Pilot) would you recommend to test the video conferencing among the remote offices? Why did you choose the method over other options?

  Challenges associated with requirement elicitation

What are some of the challenges associated with requirement elicitation - How does an iterative approach help that process?

  Questionthe following use case diagram represents a project

questionthe following use case diagram represents a project management system. it shows an interaction between human

  Identify some benefits and costs associated with doing so

Discussion this week comes in two part s - Part one , for your consumption of technological resources at work (if not a work use the university) try and find out how they are charged - what do you see as the practical benefits and problems with th..

  Evelop five major goals for the information technology plan

evelop at least five major goals for the information technology strategic plan. Justify your response. Speculate on three positive organizational impacts of implementing the strategic plan. Justify your response.

  Most threatening security issues firms

What will be the most threatening security issues firms have to deal with within the next five years? Offer an example to support your response.

  Provide important information about information system

Important information about Information system - How Information system will affect this organization; making sure to include possible negative outcomes.

  Basic concepts of simple systemsdiscuss the basic concepts

basic concepts of simple systemsdiscuss the basic concepts of simple systems. identify 3 examples of simple

  Monthly sales by region and by sales people

Using the ABC Technologies Inc., Q1 2012 Sales spreadsheet, analyze the data on Q1 2012 Sales identifying the following: Monthly sales by Region, Quarter One sales by Region, Monthly sales by Product, Quarter One sales by Product

  Paper on effects of using computers for learning english

Write Research paper on Effects of using computers for learning English Language

  Identify network element that are interrelated and dependent

Isolate one (1) of the difficulties of communicating in the troubleshooting process and recommend one (1) way that the network troubleshooting engineer can do to overcome it. In your response, be sure to indicate the importance of communication at..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd