User Account

All Pages

What is key focus of stakeholders in information security

Assignment Help Management Information Sys
Reference no: EM131963619

Lab Assignment

Defining an Information Systems Security Policy Framework for an IT Infrastructure

In this assessment, you will review many of the issues and problems, faced when implementing security policies. The chapter 5 gives pointers on how to overcome these challenges and how to deal with human nature in the workplace. The chapter also gives guidance on how to manage security policy changes in your organization.

Lab Assessment Questions & Answers

1. Successful security policy implementation in the workplace depends on people understanding key concepts and embracing the material. Thus, people need to be motivated to succeed if they are going to implement such policies. There are three basic elements of motivation. Identify and discuss each element.

2. Which of the following statements captures an example of a manager tapping into pride as a source of motivation? Answer and Explain your choice.

A. "It's really important that you complete this task because it is one of your roles and responsibilities."
B. "The supervisor is requiring that I inform you that you need to complete this task because the person originally assigned is not available."
C. "It is necessary that you complete this task because not doing so would result in disciplinary action."
D. "It is really important that you complete this task because the team values your contributions and would benefit from your input."

3. In order to gain a deeper understanding of how employees interact in the workplace, it is useful to learn about the eight classic personality types that have been identified by HR Magazine. One of these is the achievers. Which of the following descriptions best captures this personality type? Answer and Explain your choice.

4. For leaders, implementing security policies is all about working through others to gain their support and adhere to the policies. Of the widely accepted leadership rules that apply to security policies, which of the following is not among these rules? Answer and explain your choice.

A. productivity
B. values
C. support
D. training

5. Implementing security policy means continuous communication with and ensuring transparency about what's working and what's not working. Answer and explain your choice.

A. control partners
B. stakeholders
C. executives
D. data custodians

6. To be thoughtful about the implementation of security policies and controls, leaders must balance the need to reduce with the impact to the business operations. Doing so could mean phasing security controls in over time or be as simple as aligning security implementation with the business's training events. Answer and explain your choice.

7. Although an organization's list of stakeholders will vary depending on the policy being implemented, there are stakeholders who can be seen commonly across organizations. What is the key focus of stakeholders in information security? Answer and explain your choice.

A. timely delivery of high-quality products and services at competitive prices
B. compliance with laws and regulations
C. keeping operations within risk tolerances
D. protection of the company and the customer

8. In a large organization, the complexity required to keep operations running effectively requires a hierarchy of specialties. Thus, which of following organizational structures is preferred? Answer and explain your choice.

A. flat organizational structure
B. matrix relationship structure
C. hierarchical organizational structure
D. change agent structure

9. It is important that an effective roll out of information security policies prioritizes good communications. Which of the following is not among the points to be included in a good communication approach? Answer and please explain your choice.

A. Be clear-avoid technical jargon when possible.
B. use many channels-reinforce the message as many times as possible.
C. Say "thank you"-acknowledge the efforts both to create and to implement the security policies.
D. Be withholding-it is important to keep the main impact of the policy confidential.

10. One of the well-documented reasons for why projects fail is insufficient support from leadership. This occurs when value is only derived from policies when they are enforced. An organization must have the will and process to reward adherence. Do agree or disagree? Why?

11. The last step on Kotter's Eight-Step Change Model is to anchor the changes in corporate culture; to make anything stick, it must become habit and part of the culture. Therefore, it is important to find opportunities to integrate security controls into day-to-day routines. Do you believe this to be true or false? Why?

12. In general, implementing security policies occurs in isolation from the business perspectives and organizational values that define the organization's culture. Is this correct or incorrect? Why?

13. When going through the steps to create a vision for change, it is valuable to find a leader in your organization who can be an agent of change; someone who doesn't follow the pack, who can think outside the box, and can steer the organization through the politics of creating change. Do agree or disagree? Why?

14. Because it takes time to change an organization's culture, the ISO must continually monitor security policy compliance. The ISO reports to leadership on the current effectiveness of the security policies and will also have to ask the business to accept any residual risk or come up with a way to reduce it. Is this true or false? Why?

15. In general, matrix relationships are created with control partners. Is this true or false? Why?

16. Data owners ensure that only the access that is needed to perform day-to-day operations is granted and that duties are separated adequately to mitigate the risk of errors and fraud. Is this true or false? Why?

17. When discussing security policies and implementation tasks, one should follow a checklist with three items: 1) things to do; 2) things to pay attention to; and 3) things to report. Is this true or false? Explain.

18. It is advised to always have discretion with leaders. Explain in general terms what information security policies can and cannot achieve. It is equally important to be conservative in your estimates regarding the impact on the business; otherwise you risk losing credibility. Is this true or false? Explain.

19. One should focus on measuring risk to the business as opposed to implementation of policies and control when tying policy adherence to performance measurement. Is this to be true or false? Explain.

20. One of the basic measurements for assessing whether or not individuals are being held accountable for adherence to security policies is the reported number of security violations by employees. You should investigate any unexplained increases in reported violations to determine why an abnormal number is occurring. Is this to be true or false? Explain.

Reference no: EM131963619

Questions Cloud

Which aspect of object modeling did you find the easiest : Which aspect of object modeling did you find the easiest to understand? Why? In what ways do you expect to apply that technique?
Path of economic development : In their path of economic development, are there any similarities? If so, what are they? Are there any differences? If so, what are they?
How much more interest will he? earn : Dave won a photography contest and received a $1325 cash prize. How much more interest will he? earn?
Compare the economic crisis in greece with the banking : Compare the economic crisis in Greece with the banking crisis and the corresponding one suffered in the US at the same time.
What is key focus of stakeholders in information security : What is the key focus of stakeholders in information security? Say thank you-acknowledge the efforts both to create and to implement the security policies.
What is the equivalent annual worth of the maintenance costs : What is the equivalent annual worth of the maintenance costs at an interest rate of 10% per year, compounded MONTHLY?
Monetary or fiscal policy : Does the one that achieves quicker results make it a more powerful policy instrument? Why or why not?
You pay off the mortgage in equal-sized monthly payments : You pay off the mortgage in equal-sized monthly payments, what is the size of each payment?
Progressive tax rate : How does an intertemporal Budget contraint look assuming a progressive tax rate are there kinks?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Explain the meaning of the premise

Provide support for each premise of your argument. Explain the meaning of the premise, and provide supporting evidence for the premise. [One paragraph for each premise]Pay special attention to those premises that could be seen as controversial. Ev..

  Perform a web search for object-oriented systems analysis

Perform a web search for the exact phrase "object-oriented systems analysis". You will find lots of sites that address this topic.

  Why is it important to stay abreast of type of information

It may seem inevitable that market leaders will find their market share eroded substantially as a result of technological change. Why is it important to stay abreast of this type of information as a manager?

  Would the cure change your mind about the alterations

Is there a cure for this disorder? Would the cure change your mind about the alterations of the embryo

  Write paper on using quality control tools

Prepare a 3-page APA formatted paper on using quality control tools.

  Compare and contrast the four ps approach

Compare and contrast the four Ps approach to marketing versus the value approach (creating, communicating, and delivering value).

  Justify your three softwares

EPM5700 Project Management and Information Technology Individual Assignment. Justify your 3 softwares. Areas in which these softwares are used

  Take a moment to familiarize yourself with the naming

Take a moment to familiarize yourself with the naming convention to keep track of the hardware you are using.

  How do you think backemel should obtain innovative ideas

How do you think Backemel should obtain innovative/creative ideas to solve the problem of obtaining fresh water from a living animal?  Consider the employees at Backemelas well as outside industry

  What is the impact of ai on future employment

Discuses some business problems that use Expert Systems where solutions are to achieve greater competitive advantage.

  Describe the effectiveness of the chosen technologies

Criminals, law enforcement, and the public have access to many types of technology. Cell phones, G.P.S., home computers, and the Internet are commonplace. Advanced weaponry and security systems are used throughout our society as well. Technology h..

  Disaster recovery and planning

Disaster recovery and planning - Conclusion for one page in APA format - It should include what is Disaster recovery and planning and examples along with references

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd