Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
CMGT 442 Entire course       (Information Systems Risk Management)                      PLEASE DOWNLOAD HERECMGT/442 Versi...
Finalize and submit the risk assessment.Learning TeamRisk Assessment PresentationFinalize and submit the Microsoft® PowerP...
· Based on the Barr (2007) article, what changes would you recommend for theInformation Security Forum’s 2007 Standard? Wh...
Upcoming SlideShare
Loading in …5
×

Cmgt 442 entire course (information systems risk management)

187 views

Published on

  • Be the first to comment

  • Be the first to like this

Cmgt 442 entire course (information systems risk management)

  1. 1. CMGT 442 Entire course (Information Systems Risk Management) PLEASE DOWNLOAD HERECMGT/442 Version 4 Information Systems Risk ManagementIndividualService Request SR-HT-001Prepare a 3- to 5-page paper describing the considerations necessary to addressthe possible security requirements and the possible risks associated with theBenefits Elections Systems being requested by the Service Request, SR-HT-001for Huffman Trucking Company.IndividualSecurity MonitoringPrepare a 3- to 5-page paper describing the security monitoring activities thatshould be conducted in an organization with both internal IT (payroll, humanresources, inventory, general ledger, and so on) and e-commerce (Internet salesand marketing) applications. The paper will include the rationale supporting eachmonitoring activity you propose and any recommended course of action to betaken when a significant risk is identified.IndividualOutsourcing RisksPrepare a 3- to 5-page paper that identifies the possible risks to anorganization in each of the following outsourcing situations: a) the use ofan external service provider for your data storage; b) the use of anenterprise service provider for processing information systemsapplications such as a payroll, human resources, or sales order taking; c)the use of a vendor to support your desktop computers; and d) the use of avendor to provide network support. The paper will include a risk mitigationstrategy for each situation. One mitigation strategy, because of personneland facility limitations, cannot be proposed in the paper, because iteliminates the outsourcing by bringing the situation in house.Learning TeamRisk Assessment Project
  2. 2. Finalize and submit the risk assessment.Learning TeamRisk Assessment PresentationFinalize and submit the Microsoft® PowerPoint® presentation.Week One Discussion Questions· Based on the Ledford (2011) article, what special issues must be considered forcorporate data which are not fully digitized? What are the risks associated withthe loss of these data? What recovery procedures do you recommend for thesesituations?· Based on the Barr (2011) article, what special issues must be addressed for arisk management strategy that supports user-facing, web-based systems? Whatare the risks associated with disruption of these systems?Week Two Discussion Questions· Based on the Keston (2008) article, how important is enterprise identitymanagement for reducing risk throughout the enterprise? Explain why a viablerisk management strategy must include, at a minimum, a solid enterprise identitymanagement process.· Based on the Barr (2011) article, what software must be considered to provideadequate security management across the enterprise?Week Three Discussion Questions· Based on the Barr (2009) article, do you think the private sector must employsomething similar to the Federal Government’s Continuity of Operations Process(COOP) as an integral part of their enterprise risk management plan? What arethe major issues to consider?· Based on the Ledford (2011) article, do you think the Federal InformationSecurity Management Act (FISMA) might provide the basis for a standardframework for enterprise risk management adaptable to the private sector? Whatare the major issues to consider?Week Four Discussion Questions· Based on the Ainsworth (2009) article, might an effective risk management planbe considered a process that may restore all systems, businesses, processes,facilities, and people? What are the major issues to consider?
  3. 3. · Based on the Barr (2007) article, what changes would you recommend for theInformation Security Forum’s 2007 Standard? Which of these changes must beincorporated into the enterprise’s risk management plan?Week Five Discussion Questions· Based on the Drumheller (2011) article, do you consider conducting aninformation security gap analysis on a regular basis an essential best practice forensuring enterprise risk management? What are the major factors to considerwhen conducting an information security gap analysis?· With all the information you have from this class, think about what you haveread and tell me what you see as the value technology and IT will deliver to thebusiness and what will IT look like at the time. Will everything be outsourced? Will there even be a IT department?

×