How your team plans to perform the risk assessment

Reference no: EM132442908

To prepare for this Project, consider that you are the employee of a large, fictitious organization. Provide a name for the organization. Do not use the name of a real organization. Create a detailed background of the organization, addressing the following items:

Country where the headquarters is located

Nature of the business

General organizational structure (including lines of authority and communications)

Country/ies of operation

You are a member of the information security team at the organization that you have described, and you will address the responsibilities of your role in future units.

You will refer to this same fictitious organization that you create for this assignment in the Projects assigned in the following units. This Project will involve identifying a gap related to identity and access management, choosing an identity and access management tool, and presenting your results to your management. You will also develop security metrics and a high-level security strategy that shows key goal indicators that are well aligned with business objectives and present your results to your management and executives. Keep this in mind as you work through these assignments.

Risk Assessment

Successful information assurance programs apply industry standards and best practices to identify security risk and then form dynamic, cross-functional teams, when required, to develop a plan to address these gaps in a way that is sensitive to the needs of key stakeholders.

To prepare for the Project in this unit, assume that the fictitious organization is large and growing rapidly, with both internal and external IT risks involving employees, customers, business partners, suppliers, and contractors. Clearly state any other assumptions you make.

You have been asked to assess risks associated with access and authorization in your organization. Develop a brief scenario that depicts a threat related to access and authorization. Below are two example use cases for a single scenario to guide you. You will need to develop your own scenario as well as your own use cases.

Use Case 1: Employee Provisioning. There needs to be an enterprise process for employee account provisioning. This should include setting up employees with the correct access rights, based on their role. When employees change roles, their access should be appropriately changed. Today, employees are given access to resources using Active Directory groups. When they move to a new job, the old access rights often are not removed as they should be, and this is a security concern.

Use Case 2: Separation of Duties. Administrators need a high level of access for their jobs. Today, their credentials allow them to administer servers and create accounts locally on the servers and in Active Directory. They can also edit log files and delete accounts and groups in Active Directory. This is a security concern, and roles should be set up so server administrators can do their job but not the job of an Active Directory administrator. The role that is allowed to create accounts should not be able to create new roles, and managers should approve new accounts. Keeping an administrator's access in line with his or her role is a best practice, and it may be required by regulations such as Sarbanes-Oxley.
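The two use cases above can be turned into a repeatable access review. The following sketch is an added example, not part of the original assignment: it compares each user's group memberships with a role baseline (Use Case 1) and flags combinations of entitlements that one identity should not hold together (Use Case 2). All role names, group names and users are constructed for illustration.

```python
# Constructed sample data: roles, groups and users are hypothetical.
ROLE_BASELINE = {
    "hr_analyst": {"GRP-HR-Records", "GRP-Intranet"},
    "finance_analyst": {"GRP-Finance-Ledger", "GRP-Intranet"},
    "server_admin": {"GRP-Server-Admins", "GRP-Intranet"},
}

# Entitlement pairs that must not be held by the same identity (Use Case 2):
# server administration vs. directory account creation, and
# account creation vs. role creation.
SOD_CONFLICTS = [
    ({"GRP-Server-Admins"}, {"GRP-AD-Account-Operators"}),
    ({"GRP-AD-Account-Operators"}, {"GRP-AD-Role-Admins"}),
]

USERS = [
    # Moved from HR to finance; the old HR group was never removed.
    {"name": "avega", "role": "finance_analyst",
     "groups": {"GRP-Finance-Ledger", "GRP-Intranet", "GRP-HR-Records"}},
    # Server administrator who can also create directory accounts.
    {"name": "bchen", "role": "server_admin",
     "groups": {"GRP-Server-Admins", "GRP-Intranet", "GRP-AD-Account-Operators"}},
    # Under-provisioned rather than over-provisioned.
    {"name": "cdiaz", "role": "hr_analyst", "groups": {"GRP-HR-Records"}},
]


def review_user(user, baseline=ROLE_BASELINE, conflicts=SOD_CONFLICTS):
    """Return a list of (finding_type, detail) tuples for one user."""
    findings = []
    expected = baseline.get(user["role"])
    if expected is None:
        # A role with no baseline means every membership is unexplained.
        findings.append(("unknown_role", user["role"]))
        expected = set()
    for group in sorted(user["groups"] - expected):
        findings.append(("excess_group", group))
    for group in sorted(expected - user["groups"]):
        findings.append(("missing_group", group))
    for left, right in conflicts:
        if left <= user["groups"] and right <= user["groups"]:
            findings.append(("sod_conflict", " + ".join(sorted(left | right))))
    return findings


def review_all(users=USERS):
    """Map user name to findings, omitting users with a clean review."""
    results = {u["name"]: review_user(u) for u in users}
    return {name: f for name, f in results.items() if f}
```

In a real assessment the baseline would come from the role definitions agreed with the business owners, and the memberships from a directory export rather than an inline list.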

Please develop at least two others and explain them.

Write a 7- to 8-page paper about the risk assessment process that you plan to perform. Cover the following points:

Your introduction should include the following background information:

The country where the headquarters is located

The nature of the organization's operations

The general organizational structure

The country/ies in which the organization operates

In describing the scenario and the two use cases you created, you should include the following regarding risk assessment planning:

How your team plans to perform the risk assessment and identify the gap

What other teams would be involved in a successful risk assessment

How poor access and authorization management affects security risk and business processes

Who the stakeholders are and the most important activities they may perform that involve accessing data and resources.
