Kudler Fine Foods Application of Roles
CMGT 430
Kudler Fine Foods is based in San Diego and has three locations. The stores specialize in specialty foods brought in from diverse parts of the world. Kudler Fine Foods' mission is to provide customers with the finest delicacies. The locations offer outstanding customer service as well as a wide variety of specially selected foods and wines. Kudler Fine Foods must use its information systems to accomplish key business goals, such as operational proficiency, customer and supplier intimacy, better decision making, and new products and services. Information systems are a fundamental part of organizations.
In reviewing the organization's structure, it is imperative to help the owner of Kudler Fine Foods appreciate the importance of securing the organization's structure, organizational units, and major business functions. The organization accomplishes and manages work by means of a structured chain of command and through its business processes, which are logically interrelated tasks and behaviors for completing work. "Every business, regardless of its size, must perform four functions to succeed. It must produce the product or service; market and sell the product; keep track of accounting and financial transactions; and perform basic human resources tasks, such as hiring and retaining employees" (Laudon & Laudon, 2009, p. 13).
Kudler Fine Foods has six operational departments that span the enterprise. To address the security needs of each department, separating duties limits an employee's ability to damage or compromise the confidentiality, integrity, and availability of Kudler Fine Foods. Separating duties within a business or organization helps limit any individual's ability to cause mischief or commit theft. If someone attempts to manipulate a system without management noticing, it would take multiple people working together for the attempt to succeed. For example, if an employee tries to give a vendor an extra discount on a shipment, someone else oversees the process and must also approve the invoice, so the inconsistency is recognized before the transaction is finalized. Separation of duties is a type of access control in which an individual is not allowed to complete a task involving sensitive, important, or critical information from start to finish. This gives management a control for reducing risk. For example, Kudler Fine Foods can separate duties in the Human Resources department by separating the functions of accounts payable, accounts receivable processing, and personnel. In each department, security procedures allow tasks and information processing to be managed in a controlled way. It is imperative that management and information security come together to determine how and where to apply separation of duties (Merkow & Breithaupt, 2006, pp. 75-76).
To further educate the organization about separation of duties, the importance of roles and responsibilities must be addressed. To maintain a successful information security department, one must identify roles rather than names, meaning deciding what each person will do. Awareness of all roles, tasks, and authorizations is important to everyone in the organization. For this reason, there is no single approach to addressing the roles and responsibilities of an organization. The organization must assign security-related tasks according to employees' skill sets. It will take layers of people from various departments to form a successful security management team. The security management team will consist of management, information security, information creators, users, and auditors.
Implementing and maintaining separation of duties also requires another security control, such as the principle of least privilege. The principle of least privilege ensures users have the least amount of privileges needed for performing a task. The payroll manager's role is divided into functions and responsibilities of several people. Taking absolute control away from one person offers a huge benefit to the organization because the principle of least privilege eliminates possible damage to the organization (Tipton & Krause, 2007).
Role-based controls are centered on the roles that employees are assigned in a system. The user's identity is used to connect him or her to resources; normally the role-based access control (RBAC) model reflects responsibilities and functions inside the organization. The benefit of RBAC is that access rights are assigned to roles and not to users. This approach is very practical because users are assigned to distinct roles, statically or dynamically, based upon their tasks. RBAC allows the relationship between users and roles to be many-to-many, so a user can be connected to many roles and granted rights to various resources. Every role must have the least amount of permissions, only those essential for that role. The user is usually given a task that permits a function to operate using the resources vital for that role. RBAC allows numerous users to be assigned to the same task using a bare minimum set of permissions (Stallings & Brown, 2012, p. 121).
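The invoice-approval control and the role model described above, as an added Python sketch that is not part of the original paper: rights attach to roles, conflicting roles cannot be held together, and the person who entered an invoice can never approve it. All role, permission and user names are constructed for illustration.

```python
# Added illustration, not from the paper; all names are constructed.
ROLE_PERMS = {                      # rights attach to roles, never to users
    "ap_clerk":    {"invoice:create"},
    "ap_approver": {"invoice:approve"},
    "ar_clerk":    {"payment:record"},
    "personnel":   {"employee:update"},
}
# Static separation of duties: no user may hold both roles of a pair.
SSD_PAIRS = [{"ap_clerk", "ap_approver"}, {"ap_clerk", "ar_clerk"},
             {"ap_clerk", "personnel"}, {"ar_clerk", "personnel"}]


class RBAC:
    def __init__(self):
        self.user_roles = {}        # user -> set of roles (many-to-many)
        self.invoices = {}          # invoice id -> record

    def assign(self, user, role):
        if role not in ROLE_PERMS:
            raise ValueError(f"unknown role {role}")
        held = self.user_roles.setdefault(user, set())
        for pair in SSD_PAIRS:
            if role in pair and (pair - {role}) & held:
                raise PermissionError(f"{role} conflicts with a role {user} holds")
        held.add(role)

    def revoke(self, user, role):
        self.user_roles.get(user, set()).discard(role)

    def permitted(self, user, perm):
        return any(perm in ROLE_PERMS[r] for r in self.user_roles.get(user, ()))

    def create_invoice(self, user, inv_id, vendor, discount_pct):
        if not self.permitted(user, "invoice:create"):
            raise PermissionError(f"{user} may not create invoices")
        self.invoices[inv_id] = {"vendor": vendor, "discount_pct": discount_pct,
                                 "creator": user, "approved_by": None}

    def approve_invoice(self, user, inv_id):
        inv = self.invoices[inv_id]
        if not self.permitted(user, "invoice:approve"):
            raise PermissionError(f"{user} may not approve invoices")
        # Dynamic check: the creator never approves their own entry, even if
        # their role assignment changed after the invoice was entered.
        if inv["creator"] == user:
            raise PermissionError(f"{user} created {inv_id}; second person required")
        inv["approved_by"] = user
        return inv
```

The static pairs stop one person from accumulating conflicting roles, while the creator check covers the case where a clerk is later reassigned as an approver with their own invoices still pending.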
The distributed trust management approach at Kudler Fine Foods entails articulating company policies and access control. The best way to handle distributed trust issues at Kudler Fine Foods is for clients to embrace the Internet commerce model and trust the electronic trading environment at Kudler. The company must also provide the Secure Sockets Layer (SSL) protocol and Web server digital certificates to guarantee a secure environment in which customers can make payments, such as by credit card, either online or in store (Merkow & Breithaupt, 2006). When customers connect to a secure business site, it eliminates trust issues: customers trust the identity of the site and are willing to send personal information to the business on the other side of the network link (Apollo Group, Inc., 2015). Also, the employee relations supervisor “tracks information about complaints, trust management issues, grievances, harassment complaints, etc.” (Apollo Group, Inc., 2015) and reports directly to the HR Manager. The supervisor is responsible for maintaining awareness of possible employee conflicts and aids in preventing any trust issue.
In conclusion, in many organizations and businesses, end users do not own the information that they access on a daily basis. For Kudler Fine Foods, the business is the real owner of system objects, and discretionary access control may not be suitable. "Role-Based Access Control (RBAC) is a nondiscretionary access control mechanism which allows and promotes the central administration of the organizational specific security policy" (Stallings & Brown, 2012, p. 341).
References
Apollo Group, Inc. (2015). Riordan Manufacturing History. Retrieved from https://ecampus.phoenix.edu/secure/aapd/cist/vop/Business/Riordan/index.asp
Apollo Group, Inc. (2015). Human Resources. HRIS System. Retrieved from https://ecampus.phoenix.edu/secure/aapd/cist/vop/Business/Riordan/HR/OrgCharts.asp?exec
Laudon, K., & Laudon, J. (2009). Essentials of Management Information Systems (8th ed.). Pearson.
Merkow, M., & Breithaupt, J. (2006). Information Security: Principles and Practices. Pearson Education, Inc.
Stallings, W., & Brown, L. (2012). Computer Security: Principles and Practice (2nd ed.). Prentice Hall.
Tipton, H., & Krause, M. (2007). Security management (6th ed.). Auerbach Publications.