Tuesday, 16 June 2015

CMGT 442 ENTIRE COURSE

CMGT 442 ENTIRE COURSE


Information Systems Risk Management


Week 2 Individual Assignment Service Request SR-HT-001 (Huffman Trucking Benefits Election System)


Prepare a 3- to 5-page paper describing the considerations necessary to address the possible security requirements and the possible risks associated with the Benefits Elections Systems being requested by the Service Request, SR-HT-001 for Huffman Trucking Company.


Week 3 Individual Assignment Security Monitoring


Prepare a 3- to 5-page paper describing the security monitoring activities that should be conducted in an organization with both internal IT (payroll, human resources, inventory, general ledger, and so on) and e-commerce (Internet sales and marketing) applications. The paper will include the rationale supporting each monitoring activity you propose and any recommended course of action to be taken when a significant risk is identified.


 


Week 4 Individual Assignment Outsourcing Risks


Prepare a 3- to 5-page paper that identifies the possible risks to an organization in each of the following outsourcing situations: a) the use of an external service provider for your data storage; b) the use of an enterprise service provider for processing information systems applications such as a payroll, human resources, or sales order taking; c) the use of a vendor to support your desktop computers; and d) the use of a vendor to provide network support. The paper will include a risk mitigation strategy for each situation. One mitigation strategy, because of personnel and facility limitations, cannot be proposed in the paper, because it eliminates the outsourcing by bringing the situation in house.


Week 5 Team Assignment McBride Financial Services Risk Assessment


McBride Financial Services, one of the Virtual Organizations, is currently opening offices in Boise, Idaho and Sioux Falls, South Dakota. Select one of the locations and prepare a comprehensive risk assessment for McBride’s management team. The risk assessment should identify potential risks that could impact the operation of the business. The written assessment should be 8 to 10 pages in length and will be submitted to the instructor during Week Five. In addition, the Learning Team will prepare a Microsoft® PowerPoint® presentation of the project which will also be submitted to the instructor during Week Five.

In preparing the risk assessment, be sure to consider and address the following hypothetical issues and concerns:

• Technological risk that may impact business operations.

• The use of toxic chemicals in the vicinity of the business by manufacturing processes industrial solvents, blue print machines, etc.

• Public transportation facilities that might handle the carriage of dangerous or hazardous substances, which could be involved in major accidents

• Potential targets of criminal activity

• Potential targets of terrorist activity such as government offices, law enforcement agencies, or politically sensitive businesses or services


Begin working on the Learning Team project.Review McBride Internet and intranet websites for information about the selected location.

Finalize and submit the risk assessment.Finalize and submit the Microsoft® PowerPoint® presentation.Research the local area and surrounding businesses for potential risks.


Discussion Questions:


  • Based on the Ledford article, what special issues must be considered for corporate data which is not fully digitized?  What are the potential risks associated with the loss of this type of data?

  • Based on the Barr article, what special issues must be addressed for a risk management strategy that supports Web-based systems?  Why are the risks associated with disruption of these web-based systems critical and require diligent consideration?

  • Based on the Keston (2008) article, how important is enterprise identity management for reducing risk throughout the enterprise?  Please explain why a viable risk management strategy must include, at a minimum, a solid enterprise identity management process.

  • Based on the Barr (2009) article, what type of software should be considered to provide adequate security management across the enterprise?  Is this a practical solution?  Why or why not?

  • Based on the Barr (2009) article, what are some key factors found in the Federal Government’s Continuity of Operations Process (COOP) which may be applicable to the private sector?  Why?

  • Based on the Spring (2010) article, please explain the key differences between the Federal Information Security Management Act (FISMA) and the Federal Government’s Continuity of Operation Process (COOP) explored in this week’s DQ1.

  • Based on the Ainsworth (2009) article, how might an effective risk management plan be considered as a process to restore all systems, businesses, procedures, facilities, and people?  What are the major issues involved?

  • Based on the Barr (2007) article, what changes would you recommend for the Information Security Forum’s 2007 Standard and why?  Which of these changes must be incorporated into the enterprise’s risk management plan and why?

  • Based on the Drumheller (2010) article, why would you consider conducting an information security gap analysis on a regular basis as an essential best practice for ensuring enterprise risk management?  What are the major factors to consider when conducting an IS gap analysis?

Weekly Summaris Week 1-5



CMGT 442 ENTIRE COURSE
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)