User Account

All Pages

Risk assessment-mitigation strategy for a fictional airport

Assignment Help Project Management
Reference no: EM13915081 , Length: 2500 Words

Creation of a risk assessment and mitigation strategy for a fictional airport that includes four distinct organizations. Based on a provided scenario, you will develop a report for the management team that includes personnel recommendations for IT team members, a comprehensive assessment of IT security risks, and suggested strategies and approaches for minimizing the identified risks.

The Scenario: You have been hired as a consultant to conduct a comprehensive risk assessment and provide a risk assessment and mitigation report for an airport.

The airport has four different organizations:

1. Airport authority
2. Four flight service providers (four airlines)
3. Airport restaurant
4. Guests

The airport authority maintains a system that handles the flight management controls. This system is made up of a database server, an application server, and a web server.

The four flight service providers have only back-end access to their own dedicated server in the airport authority network and not to any other provider's back-end systems. Each flight service provider has a system made up of a database server, an application server, and a web server that allows patrons to reserve and purchase tickets.

The restaurant provides food for both airport employees as well as travelers. The restaurant's systems are used to maintain customer transactions, human resource functions (payroll and benefits information), and vendor ordering.

Guest users have wireless access to a high-speed internet connection, which is also shared among all the users in all organizations.
The wireless access uses a common password. Guest users should not have access to the other organizations within the airport. The users obtain IP addresses automatically. The airport authority has 27 users, and the flight service providers have 85 users. The maximum number of guests is estimated to be 100.

Software updates that address security vulnerabilities are assessed by the airport security team. The team verifies whether the vulnerability is applicable to their environment. If it is, they analyze the circumstances under which vulnerabilities could be exploited and the possible business impact on organizational assets and business continuity.

After the evaluations are complete, the security team works with the configuration management administrator to manage software updates. The administrator reviews the security team's list of critical security updates and runs a report to see how many computers on the network are potentially vulnerable to the exploit addressed in the security update.
The organization has a content-filtering firewall in place; however, there are currently no filtering rules. There has been some discussion in the past to mitigate this, but the organization is looking for recommendations on how this should be configured.
Critical Elements: Your 8- to 10-page risk assessment and mitigation strategy must include the following critical elements:

1. Team Information

a. Identification of all stakeholders.
b. Job Description. Create a job description for the chief security officer the airport plans to hire. Include desired qualifications and experiences, as well as responsibilities and daily tasks.
c. Security Certification Recommendations. Recommend certifications for the current IT staff. Provide a brief rational for your recommendations.

2. Risk Assessment

As part of your risk assessment, based on the provided scenario information, include an analysis of the security risks in the areas listed below.

a. Security and Business Processes. Summarize the impact of confidentiality, integrity, availability, and privacy on business processes.
b. Legal, Regulatory, Ethical, and Social Issues. Discuss key ethical, social, and legal issues related to IT security. Identify at least three laws or regulations that pertain to the organization.
c. Viruses and Malicious Software. Identify how the organization detects, controls, and prevents viruses and other malicious software.
d. Web Server Security Strategies. Assess the usage of browsers, cryptographic posture, and server and protocol securities such as IPsec, SSL, and VPN.
e. External Threats. Analyze necessary firewalls, intrusion detection, and intrusion prevention systems.
The results of the risk assessment will guide the development of the company's risk mitigation strategy.

3. Mitigation Strategy

As a result of the items identified in the risk assessment, develop a mitigation strategy that addresses the security risks outlined in the risk assessment. As part of your strategy, address the following:
a. Employee Guidelines. Develop guidelines to share with employees. The guidelines should summarize the proposed approach to confidentiality, integrity, availability, and privacy.
b. Legal, Regulatory, Ethical, and Social Issues. Provide a detailed explanation of how the IT department will mitigate identified ethical, social, or legal issues. Be sure to address legal or regulatory gaps.
c. Viruses and Malicious Software. Describe new approaches for the detection, control, and prevention of viruses and other malicious software.
d. Web Server Security Strategies. Detail necessary changes to the websites, browser settings, and remote access.
e. External Threats. Develop a comprehensive plan to address risks from external threats.

4. References

Verified Expert

Stakeholder Information It is important to identify the required stakeholders for the airport scenario in order to provide the security credentials. Stakeholder is defined as a person or a group of persons who is affected by the objectives of the organizations. Collecting information about the inventory of airport stakeholders, their objectives to form the basis for airport’s performance are also important to evaluate. The list of required stakeholders is provided as below: • Airport Organization: The airport organization is composed of individual airport or a group of airports which can be controlled and managed by a single organization. Local government appoints board to oversee the airport organization.

Reference no: EM13915081

Questions Cloud

Why the lcm rule resulted in a write-down in the first year : Explain why the LCM rule resulted in a write-down in the first year. What is the inconsistency between the first- and second- year treatments of the change in the price of oil?
Resistance of the shunt field : Explain the difference in the resistances found for the shunt field, series field, and armature circuits. In particular, why is the resistance of the shunt field so different from the resistances of the armature and series field?
Formulate a linear programming (lp) model : Formulate an optimization model to solve this problem such that the total cost, including transportation costs from warehouses to markets and fixed warehouse costs, is minimized while demand is satisfied and capacity is not exceeded.
Studying the steps of the communication process : Which step in the communication process do you consider to be the most important? Why do you think this? Which of these steps is the most uncomfortable for you? Why is this? How might you work to change this?
Risk assessment-mitigation strategy for a fictional airport : Creation of a risk assessment and mitigation strategy for a fictional airport that includes four distinct organizations. Based on a provided scenario, you will develop a report for the management team that includes personnel recommendations for IT..
Indulge your inner gadget geek : How has technology changed the communication process? Has technology changed the way people communicate in business? Provide at least two examples, whether of gadgets, software, other technologies, or a combination of technologies
Why do you suppose exxonmobil''s management chooses to use : Why do you suppose ExxonMobil's management chooses to use the LIFO inventory method? On what economic conditions, if any, do those reasons depend?
Calculate a value of chi-sqaure : The thinking is that differetn networks may affect how they report the news. Calculate a value of chi-sqaure, and determine the conclusion at the 95% level of confidence
Compute and compare the inventory turnover : Compute and compare the inventory turnover and days' inventory on hand for CVS for 2011 and 2010. Ending inventories in 2009 were $10,343 million.

Reviews

jus915081

9/9/2016 7:12:57 AM

Thank you very much for your help with this and thank you for delivering earlier than the deadline!, Are you able to finish this project in full for me? Here is the feedback on Milestone One from the instructor, these corrections he is asking have to reflect in the next two projects; Reread the scenario for the final. You missed some pieces that are right there. 1. Network - you are missing segments of the network. One for sure is the wireless. Let me know if you need help. 2. Laws - You need to identify the actual law not the idea or intent of the law. 3. Stakeholders - There are at least 4 and they are identified in the final scenario. You got 2 I believe. What relevance is say the Airport Authority? Well they provide the infrastructure of the building, network, etc. They also are responsible for maintenance of the most of the physical security also.

Write a Review

Project Management Questions & Answers

  Examine the organizations basic legal and social issues

Project Management - Examine the organizations basic legal, social and economic issues

  What does the term maturity mean in project management

Ensuring Success on Projects - What are some issues that project managers need to be mindful of during the final stages of projects?

  What is the duration of the project and state

State the critical path - what is the duration of the project and state in table format, the ES, LF and slack for activities E, H and I.

  Benefits of project planning and project managementprepare

benefits of project planning and project managementprepare a 20-minute presentation that you will give to your manager

  Institutional theories- functional and product matrix

Summarize the theorists arguments concerning the practical institutional theories of functional and matrix forms of organization

  How to crash project to keep project on schedule

How would you crash project (which activities would you crash) to keep project on schedule and get original duration, if Activity B actually takes 5 weeks instead of planned 3 weeks?

  Prepare a project report

Prepare a project Report - This indicates the major and minor sections and outlines the structure. It should also contain a list of diagrams, tables, charts and so on.

  Changing the degree of operating leverage

How does this change the degree of operating leverage? Now recompute the operating leverage assuming that the entire ¥ 33 billion of costs are fixed.

  Question about aggregate production planning

Question about Aggregate production planning - Determine the total cost using a one-month planning horizon

  What can you do to eliminate the risk

What is impacted if this risk occurs? What is the extent of the impact and what can you do to eliminate the risk

  Discuss the influence of rationalism in politics

1. Discuss the influence of Rationalism in politics and how it impacts the public's view of government services.

  Define project risks identification

Leave room to append more information later to show your mitigation strategy. Complete the New Content below, and copy it under the sections in Key Assignment Document called "Project Risks Identification" and Project Risks Assessment

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd