Reference no: EM13341811

The headquarters of Hall Corporation, a private company with $3.5 million in annual sales, is located in California. Hall provides over 150 clients with online data and software backup services. Hall has grown rapidly since its inception about three years ago. Hall Corporation recently relocated to a larger building to accommodate this growth. Hall's president and sales employees spend a majority of time out of the office soliciting new clients. Therefore, the IT employees designed and organized the office and IT facilities. 

The company relocated to a remodeled warehouse in a redevelopment zone in downtown Sacramento. The architects retained much of the original structure, including the wooden-shingled exterior and exposed wooden beams throughout the interior. The IT employees designed a large 'fish bowl' office in the center of the building with high ceilings and several skylights. The employees feel that the 'open' design makes the IT department easily accessible, and encourages a team approach to problem-solving.

Before Hall officially moved into the building, the city building inspector and Fire Marshall toured the facility, checked electrical wiring, fire extinguishers, emergency exits, and other safety features. The Fire Marshall noted that overhead sprinklers are not required because the warehouse is designated as a 'historic' structure.

Hall's system automatically creates a differential backup every Sunday night, so business operations aren't disrupted. Backup drives are manually labeled each Monday morning and shelved in a bookcase in the IT department, so they are readily available if needed. The system operating manuals are also stored in the bookcase, so even a novice IT employee could restore from backup drives if necessary. A directory of employee names and cell numbers is taped to the side of the bookcase in case of emergency.

Access to the building is restricted by a keypad, for which every employee must memorize the passcode number. A video surveillance system monitors the reception area and parking lot. Each IT employee has a unique user ID and password for access to the network. Hall increased its liability and business insurance coverage to $100,000 when they relocated.

Required:

1. Identify and explain at least three weaknesses in IT security.

2. Identify and explain at least three weaknesses not directly related to IT security.

3. Identify at least six features of an adequate disaster recovery plan.

Assignment

1. Read "Controlsover Information Systems" pages 64-66 in the COSO Enterprise Risk Management-Integrated Framework.

2. Read "Availability" pages 78-82 in the Pearson custom text.

3. There are several references to COBIT in the reading on Availability. Refer to Wikipedia for questions 4 through 6. You may also need to utilize other sites to fully answer question 5.

4. For what is COBIT an acronym?

5. How are COBIT and COSO related?

6. What are the four "domains" of COBIT?

7. Back to COSO. How are logical access controls different from physical access controls discussed in homework 11?

8. Read "Change Control" page 83 in the Pearson custom text.

9. Read and respond to the questions regarding Hall Corporation, described in a separate Word document.