Successful information assurance programs

Reference no: EM131279675

Successful information assurance programs apply industry standards and best practices to identify security risk and then form dynamic, cross-functional teams, when required, to develop a plan to address these gaps in a way that is sensitive to the needs of key stakeholders.

To prepare for the Project in this Week, assume that the fictitious organization is large and growing rapidly, with both internal and external IT risks involving employees, customers, business partners, suppliers, and contractors. Clearly state any other assumptions you make.

You have been asked to assess risks associated with access and authorization in your organization. Develop a brief scenario that depicts a threat related to access and authorization. Below are two example use cases for a single scenario to guide you. You will need to develop your own scenario as well as your own use cases.

Use Case 1: Employee Provisioning. There needs to be an enterprise process for employee account provisioning. This should include setting up employees with the correct access rights, based on their role. When employees change roles, their access should be changed accordingly. Today, employees are given access to resources using Active Directory groups. When they move to a new job, the old access rights often are not removed as they should be, and this is a security concern.

Use Case 2: Separation of Duties. Administrators need a high level of access for their jobs. Today, their credentials allow them to administer servers and create accounts locally on the servers and in Active Directory. They can also edit log files and delete accounts and groups in Active Directory. This is a security concern, and roles should be set up so server administrators can do their job but not the job of an Active Directory administrator. The role that is allowed to create accounts should not be able to create new roles, and managers should approve new accounts. Keeping an administrator's access in line with his or her role is a best practice, and it may be required by regulations such as Sarbanes-Oxley.

Please develop at least two others and explain them.

Write a 5- to 7-page paper about the risk assessment process that you plan to perform. Cover the following points:

  • Your introduction should include the following background information:
    • The country where the headquarters is located
    • The nature of the organization's operations
    • The general organizational structure
    • The country or countries in which the organization operates
  • In describing the scenario and the two use cases you created, you should include the following regarding risk assessment planning:
    • How your team plans to perform the risk assessment and identify the gap
    • What other teams would be involved in a successful risk assessment
    • How poor access and authorization management affects security risk and business processes
    • Who the stakeholders are and the most important activities they may perform that involve accessing data and resources


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd