User Account

All Pages

Create a report for company that identifies key components

Assignment Help Computer Engineering
Reference no: EM133573065

Report Assignment

You have been hired to help a small retail company with their risk management program. Below are some specifics about the company:

A. The company consists of 30 employees spread across 3 locations in Denver (USA), Quebec City (Canada), and Nice (France).

B. The company has retail locations in Denver and Nice along with an online presence (serving the US, Canada, and Europe). A small product design team is located in Quebec City.

C. The three locations are connected to each other via VPN connections using the Internet. The main hardware (very small data center) is located in the Denver office. They do not currently have a backup/redundant data center.

D. The company currently has 2 full time IT professionals (Denver and Nice). These professionals would be responsible for managing the company's IT risk management program.

E. The company is required to comply with PCI-DSS, California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), and the Personal Information Protection and Electronic Documents Act (PIPEDA)

Your task is to create a report for the company that identifies some of the key components of risk management and addresses their current concerns. Take into account the items above, along with the concerns identified below:

A. Risk management is fairly new to the company, make sure to fully define/describe the concepts the rubric is looking for.

B. Create a risk register using the 3 risks below and include the following information:

1. Risk Description: Information about the risk itself, including relevant threats, vulnerabilities, and consequences

2. Affected Assets: Information about assets or asset groups that are affected by the risk (you can generalize this somewhat as you don't have many specific details)

3. Risk Score: Information about the probability and impact of threat occurrence, expressed in qualitative terms (Low - Medium - High)

4. Risk treatment Analysis: Information about the potential impact of various risk treatment options

5. Risk Treatment: Information of risk treatment you suggest the company should implement and why (citing other companies/examples can help with this)

Three risks have been identified by the company as pressing issues:

I. Potential for a data breach of sensitive customer information located on various (electronic) company resources.

II. Potential for a disruption to the physical retail locations where customers would not be able to visit or make purchases from these 2 locations.

III. Potential for a catastrophic disruption at the Denver location which would render the data center unavailable, causing an interruption to all locations, including the online presence.

C. The company has noticed an increase in phishing emails and is worried about malware. Using the scenario of malware install via a phishing email, create an incident response playbook by using the phases/steps of security incident response (chapter 5) describing what each phase is and the activities that would occur for the company in this scenario.

D. Some aspects of a full risk management program may be out of the scope/knowledge for the company to manage internally. Research 3 companies that provide IT risk management/security program management services that can assist the company. Make sure to include for each:

1. Company name, location, website (should be in the US as that is where the main company data center is located)

2. Summary of services provided

3. Reason why you are proposing this company as an option (can include current customers to help validate)

Reference no: EM133573065

Questions Cloud

Discuss the pros and cons of vertical integration : Discuss the pros and cons of vertical integration. How does the structure of an industry drive the need for vertical integration?
Describe the internal organisational information : Briefly describe the difference between internal organisational information and external organisational information needs. Provide two (2) examples of each.
What might have been a better way for them to deal : What might have been a better way for them to deal with the Christians who, for their monotheistic faith, refused to worship Roman gods?
What are the potential hazards involved : what are the potential hazards involved, i.e. the hazards present prior to the incident occurring? Are the risks identified above acceptable in our company
Create a report for company that identifies key components : Your task is to create a report for the company that identifies some of the key components of risk management and addresses their current concerns.
What were some of the reasons for these qualifiers : concerning citizenship and identity during this period - who was considered "American" and who was not? What were some of the reasons for these qualifiers
Explain state actions and other developments : What is less clear is the ways in which realism might explain state actions and other developments during the interwar period
What is the impact of it on their operations strategy : How people's connections at Toyota are different from other companies? What is the impact of it on their operations strategy? Explain.
What aspect of environment was undermining directoss efforts : A new nursing director wanted to change some policies but encountered pushback from employees who wanted to keep things the way they had always been done.

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd