User Account

All Pages

Developing strategies and controls for known vulnerabilities

Assignment Help Management Information Sys
Reference no: EM132910684

BIT361 Security Management and Governance - Melbourne Polytechnic

Case study scenario: (Moving Fast Supplies, MFS)

In discussing the questions below, you may use information from the MFS Case Study.

Q1. Risk management is focused on developing strategies and controls for known vulnerabilities. Contingency plans are strategies and tactics for dealing with unexpected events: what to do when the risk management processes fail.

A. List the components of contingency planning for information security.

B. Business Impact Analysis (BIA)is an important part of Contingency planning. Briefly describe the BIA process and explain its relevance to Incident Response, Disaster Recovery and Business Continuity Planning.

Q2.Formal policy development, implementation, and compliance are important to medium and large organisations.

A. Write a paragraph explaining the reasons why formal policy statements are essential in these organisations.

B. Describe what elements compliance statements should contain in a policy document.

C. Suggest a program to ensure awareness and compliance to the policy.

D. Describe how you could determine the success of your program?

Q3. MFS needs to determine how to prioritize the security arrangements for several of their assets. In brief discussions with them, you obtain the following information:

Asset Asset impacts Threats and vulnerabilities (Frequency)
Main Branch Server Services Little importance to profitability, little impact on public image, and little impact to the success of organisation Human error: Misconfiguration of software (2/yr), Hardware failure: Equipment lifetime failure (3/yr)
SafeTrans Software Some importance to profitability, Some impact on public image, little impact on success of organisation Incorrect entries (100/yr)
Product Design Data Important to profitability and public image, strong impact on the success of organisation Compromises to intellectual property: Copyright infringement (10/yr), patent infringement (1/5yr)
Product Installation Staff Essential to profitability, No impact on public image, Critical for the success of organisation Design Skills Shortage: Employee leaves (2/yr)

A. Using this information and your general knowledge, complete the following tables. Show all calculations.

B. When you have completed the tables, write a paragraph discussing the relative priorities of the assets and how that will affect security planning for these assets. You should include some discussion of the types of controls that should be considered for the different assets and their vulnerabilities.

Q4. MFS has identified several possible control measures for the improvement of their information security. Currently the data in Table 1 and Table 2 below has been determined.

A. Complete a Cost Benefit Analysis for the items in the tables below.You may need to add columns or rows. Show all calculations.

B. Discuss, in detail, which of these controls should be implemented, considered, or rejected.

Attachment:- Security Management and Governance.rar

Reference no: EM132910684

Questions Cloud

What is a customer order decoupling point : What is a customer order decoupling point? Why is it important? Take a company that you are aware of and identify the decoupling point.
Propose a strategic plan for amazon : Using your evaluation propose a strategic plan for Amazon using appropriate tools to explain and justify your strategic choices (with sources of theory and prac
Supply chain management and operations management : Build-to-order supply chain management and operations management? Form: introduction, body, conclusion.
Measuring for healthcare screenings : What roles/persons at the MACRO level would be most interested in measuring for healthcare screenings and why?
Developing strategies and controls for known vulnerabilities : Developing strategies and controls for known vulnerabilities. Contingency plans are strategies and tactics for dealing with unexpected events
Healthcare screenings at the meso level : What measures would you collect about healthcare screenings at the MESO level?
Association and corporate market segments : Cite and discuss the nature of the association and corporate market segments, including decision making, lead-time, types of meetings, and site selection crite
Focusing on healthcare screenings : What roles/persons at the MICRO level would be most interested in focusing on healthcare screenings?
Create positive culture through sustainable leadership : How does the leadership of Patagonia create a positive culture through sustainable leadership practices?

Reviews

len2910684

6/8/2021 4:25:03 AM

This is an open exam. I need to submit it by Wednesday noon Tomorrow. 1st document is the exam document. 2nd is the policy sample document which may come in handy for exam. 3rd is the case study for exams. Please complete it on time

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd