Eli Lilly is All In on Salesforce App Cloud. How They Did It and You Can Too!Dreamforce
You've chosen Salesforce (Force.com and Heroku) as your development platform for rapid app dev and innovation. But technology will only get you halfway there. Hear from the IT leaders at Eli Lilly on how they architected their teams, their orgs, and their process to deliver rapid innovation to their entire enterprise. Watch the video now: https://www.youtube.com/watch?v=puB_YyvcTRE
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docxbudbarber38650
GLOBAL ASSET, INC. (GAI)
Global Asset, Inc. (GAI) is a financial company that manages thousands of accounts across Canada, the United
States, and Mexico. A public company traded on the NYSE, GAI specializes in financial management, loan
application approval, wholesale loan processing, and investment of money management for their customers.
GAI employs over 1,600 employees and has been experiencing consistent growth keeping pace with S&P averages
(approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational
performance through automation and technological innovation has propelled the company into the big leagues; GAI
was only recently profiled in Fortune Magazine.
The executive management team of GAI:
CEO
John Thompson
Vice Presidnet
Trey Elway
Executive
Assistant
Julie Anderson
Executive
Assistant
Kim Johnson
Executive
Assistant
Michelle Wang
CFO
Ron Johnson
COO
Mike Willy
CCO
Andy Murphy
Director of
Marketing
John King
Director of HR
Ted Young
Figure 1 GAI Management Organizational Chart
BACKGROUND AND YOUR ROLE
You are the Computer Security Manager educated, trained, and hired to protect the physical and operational
security of GAI’s corporate information system.
You were hired by COO Mike Willy and currently report to the COO. You are responsible for a $5.25m
annual budget, a staff of 11, and a sprawling and expansive data center located on the 5
th
floor of the
corporate tower. This position is the pinnacle of your career – you are counting on your performance here
to pave the way into a more strategic leadership position in IT, filling a vacancy that you feel is so
significantly lacking from the executive team.
There is actually a reason for this. CEO John Thompson believes that the IT problem is a known quantity –
that is, she feels the IT function can be nearly entirely outsourced at fractions of the cost associated with
creating and maintaining an established internal IT department; the CEO’s strategy has been to prevent IT
from becoming a core competency since so many services can be obtained from 3
rd
parties. Since the CEO
has taken the reigns two years ago, the CEO has made significant headway in cutting your department’s
budget by 30% and reducing half of your staff through outsourcing. This has been a political fight for you:
maintaining and reinforcing the relevance of an internal IT department is a constant struggle. COO Willy’s
act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology
combined with a diminishing IT footprint gravely concerned Jacobson, and he begged to at least bring in a
manager to whom these obligations could be delegated to. Jacobson’s worst nightmare is a situation where
the Confidentiality, Integrity, and Availability of the information system was compromised – bringing the
company to its knees – then having to rely.
How a Salesforce CI/CD Suite Positions You as a LeaderAutoRABIT
A Salesforce CI/CD suite is an important aspect of a fully optimized DevOps pipeline which supports your company as an emerging leader in your industry.
What's new at Elastic: Update on major initiatives and releasesElasticsearch
The first technical talk of the event will highlight the latest releases at Elastic with specific insight into how those changes impact public sector projects. See the inside view of the most important capabilities and hear predictions on the developments that will be most applicable in our industry.
IoT, M2M: Three Events, Three Takeaways, Three To-Dos (IoT & The Connected De...ReidCarlberg
Yes, the IoT is upon us. But what do we need to do to make it come to life? I've attended three big events recently. I share what I learned and I offer three //todos. First presented at M2M Evolution in Miami, January 30, 2014
Eli Lilly is All In on Salesforce App Cloud. How They Did It and You Can Too!Dreamforce
You've chosen Salesforce (Force.com and Heroku) as your development platform for rapid app dev and innovation. But technology will only get you halfway there. Hear from the IT leaders at Eli Lilly on how they architected their teams, their orgs, and their process to deliver rapid innovation to their entire enterprise. Watch the video now: https://www.youtube.com/watch?v=puB_YyvcTRE
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docxbudbarber38650
GLOBAL ASSET, INC. (GAI)
Global Asset, Inc. (GAI) is a financial company that manages thousands of accounts across Canada, the United
States, and Mexico. A public company traded on the NYSE, GAI specializes in financial management, loan
application approval, wholesale loan processing, and investment of money management for their customers.
GAI employs over 1,600 employees and has been experiencing consistent growth keeping pace with S&P averages
(approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational
performance through automation and technological innovation has propelled the company into the big leagues; GAI
was only recently profiled in Fortune Magazine.
The executive management team of GAI:
CEO
John Thompson
Vice Presidnet
Trey Elway
Executive
Assistant
Julie Anderson
Executive
Assistant
Kim Johnson
Executive
Assistant
Michelle Wang
CFO
Ron Johnson
COO
Mike Willy
CCO
Andy Murphy
Director of
Marketing
John King
Director of HR
Ted Young
Figure 1 GAI Management Organizational Chart
BACKGROUND AND YOUR ROLE
You are the Computer Security Manager educated, trained, and hired to protect the physical and operational
security of GAI’s corporate information system.
You were hired by COO Mike Willy and currently report to the COO. You are responsible for a $5.25m
annual budget, a staff of 11, and a sprawling and expansive data center located on the 5
th
floor of the
corporate tower. This position is the pinnacle of your career – you are counting on your performance here
to pave the way into a more strategic leadership position in IT, filling a vacancy that you feel is so
significantly lacking from the executive team.
There is actually a reason for this. CEO John Thompson believes that the IT problem is a known quantity –
that is, she feels the IT function can be nearly entirely outsourced at fractions of the cost associated with
creating and maintaining an established internal IT department; the CEO’s strategy has been to prevent IT
from becoming a core competency since so many services can be obtained from 3
rd
parties. Since the CEO
has taken the reigns two years ago, the CEO has made significant headway in cutting your department’s
budget by 30% and reducing half of your staff through outsourcing. This has been a political fight for you:
maintaining and reinforcing the relevance of an internal IT department is a constant struggle. COO Willy’s
act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology
combined with a diminishing IT footprint gravely concerned Jacobson, and he begged to at least bring in a
manager to whom these obligations could be delegated to. Jacobson’s worst nightmare is a situation where
the Confidentiality, Integrity, and Availability of the information system was compromised – bringing the
company to its knees – then having to rely.
How a Salesforce CI/CD Suite Positions You as a LeaderAutoRABIT
A Salesforce CI/CD suite is an important aspect of a fully optimized DevOps pipeline which supports your company as an emerging leader in your industry.
What's new at Elastic: Update on major initiatives and releasesElasticsearch
The first technical talk of the event will highlight the latest releases at Elastic with specific insight into how those changes impact public sector projects. See the inside view of the most important capabilities and hear predictions on the developments that will be most applicable in our industry.
IoT, M2M: Three Events, Three Takeaways, Three To-Dos (IoT & The Connected De...ReidCarlberg
Yes, the IoT is upon us. But what do we need to do to make it come to life? I've attended three big events recently. I share what I learned and I offer three //todos. First presented at M2M Evolution in Miami, January 30, 2014
Information technology lays out its strategies for using technology and infrastructure to help the company reach its goals. Plans are consistent with available means. There are also a number of novel ideas presented that might be included into the strategy to further improve the outcome. The PMCASPL IT department will aid the company's growth by offering a wide range of IT services such as evaluating data from various units and drawing conclusions on how to proceed with business. IT-employee policy, AI/ML integration, blockchain in AQMS, website/app development (Android/iOS), social media account management (technical side), ERP/ERP enterprise resource planning, cyber security, server system, IT communication, networking setup and management, hardware support, software support, cloud service, and backup system are all within the purview of the IT department. As a result, the IT department will offer technical assistance and creative ideas that add value to the company, allowing it to better carry out its commercial operations.
Focus your efforts, achieve results and scale your technology with Intacct
You work for a fast-growing company. As a finance professional, you hoped for rapid adoption of your product—and the increased revenue that accompanies it—but your growth is beginning to outpace your finance team’s capabilities.
Enter cloud accounting.
Cloud-based accounting solutions offer numerous tools to businesses in your situation, providing multiple modules to handle everything from GL to multi-currency transactions. They offer the flexibility to customize the solution to work the way you do, and the capability to integrate with nearly any outside software package. These cloud solutions can be especially effective for fast-growing technology companies.
Businesses involved in mergers and acquisitions must exercise due di.docxdewhirstichabod
Businesses involved in mergers and acquisitions must exercise due diligence in ensuring that the technology environment of the future organization is robust and adequately protects their information assets and intellectual property.. Such an effort requires time and open sharing to understand the physical locations, computing environment, and any gaps to address. Lack of information sharing can lead to a problematic systems integration and hamper the building of a cohesive enterprise security posture for the merged organization.
Often the urgency of companies undergoing a merger and acquisition (M&A) impedes comprehensive due diligence, especially in cybersecurity. This creates greater challenges for the cybersecurity engineering architect, who typically leads the cybersecurity assessment effort and creates the roadmap for the new enterprise security solution for the future organization. However, the business interest and urgency in completing the merger can also represent an opportunity for CISOs to leverage additional resources and executive attention on strategic security matters.
In this project, you will create a report on system security issues during an M&A. The details of your report, which will also include an executive briefing and summary, can be found in the final step of the project.
There are nine steps to the project. The project as a whole should take two weeks to complete. Begin with the workplace scenario and then continue to Step 1.
Deliverable
Cybersecurity for a Successful Acquisition, Slides to Support Executive Briefing
Step 1: Conduct a Policy Gap Analysis
As you begin Step 1 of your system security report on cybersecurity for mergers and acquisitions, keep in mind that the networks of companies going through an M&A can be subject to cyberattack. As you work through this step and the others, keep these questions in mind:
Are companies going through an M&A prone to more attacks or more focused attacks?
If so, what is the appropriate course of action?
Should the M&A activities be kept confidential?
Now, look at the existing security policies in regard to the acquisition of the media streaming company. You have to explain to the executives that before any systems are integrated, their security policies will need to be reviewed.
Conduct a policy gap analysis to ensure the target company's security policies follow relevant industry standards as well as local, state, and national laws and regulations. In other words, you need to make sure the new company will not inherit any statutory or regulatory noncompliance from either of the two original companies. This step would also identify what, if any, laws and regulations the target company is subject to. If those are different from the laws and regulations the acquiring company is subject to, then this document should answer the following questions:
How would you identify the differences?
How would you learn about the relevant laws and regulations?
How would .
This document brings together a set of latest data points and publicly available information relevant for Platforms & Applications Industry. We are very excited to share this content and believe that readers will benefit from this periodic publication immensely.
In the last past months we at RockeTier were working with several large organizations in three aspects: 1) boosting existing software performance (lean projects); 2) design new systems which are capable process billions of events per day based on commodity hardware and software and 3) establishing processes in large organization that support the life cycle of performance from event management, problem management to establishing a continues performance boosting to the organization systems from RFI to production. This presentation was presented to a large telecommunication industry company. This company is considering implementing a 360 degrees performance boosting project along its main product lines.
Maximizing ROI with Legacy Application MigrationMindfire LLC
A legacy application is a framework or system that is primarily old-fashioned or obsolete. These are frameworks, systems, or equipment that keeps being utilized regardless of their outmoded build. Usually, they’re on-premises applications or frameworks that organizations have been using and have used for a very long time. They usually include applications that run on old languages like COBOL or old operating systems. They can include anything from CRM tools to custom and industry-explicit applications.
Bullzeye is a discount retailer offering a wide range of products,.docxCruzIbarra161
Bullzeye is a discount retailer offering a wide range of products, including: home goods, clothing, toys, and food. The company is a regional retailer with 10 brick-and-mortar stores as well as a popular online store. Due to the recent credit card data breaches of various prominent national retail companies (e.g., Target, Home Depot, Staples), the Bullzeye Board of Directors has taken particular interest in information security, especially as it pertains to the protection of credit cardholder data within the Bullzeye environment. The Board has asked executive management to evaluate and strengthen the enterprise’s information security infrastructure, where needed.
In order to respond to the Board regarding their preparedness for a cyber-security attack, the Chief Financial Officer (CFO) has engaged your IT consulting firm to identify the inherent risks and recommend control remediation strategies to prevent or to detect and appropriately respond to data breaches. Your firm has been requested to liaison with the Internal Audit Department during the engagement. Your first step is to gain an understanding of Bullzeye’s IT environment. The Chief Audit Executive (CAE) schedules a meeting with key Bullzeye leadership personnel, including the CFO, Chief Information Officer (CIO), and Chief Information Security Officer (CISO).
The following key information was obtained.
Background
IT Security Framework/Policy -
Bullzeye has an information security policy, which was developed by the CISO. The policy was developed in response to an internal audit conducted by an external firm hired by the CAE. The policy is not based on one specific IT control framework but considers elements contained within several frameworks. An information security committee has been recently formed to discuss new security risks and to develop mitigation strategies.
The meeting will be held monthly and include the CISO and other key IT Directors reporting to the CIO.
In addition, a training program was implemented last year in order to provide education on various information security topics (e.g., social engineering, malware, etc.). The program requires that all staff within the IT department complete an annual information security training webinar and corresponding quiz. The training program is complemented by a monthly e-mail sent to IT staff, which highlights relevant information security topics.
General IT Environment -
Most employees in the corporate office are assigned a standard desktop computer, although certain management personnel in the corporate and retail locations are issued a laptop if they can demonstrate their need to work remotely. The laptops are given a standard Microsoft Windows operating system image, which includes anti-malware/anti-virus software and patch update software among others. In addition, new laptops are now encrypted; however, desktops and existing laptops are not currently encrypted due to budget concerns. The user provisioning.
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docxbudbarber38650
GLOBAL FINANCE, INC. (GFI)
Global Finance, Inc. (GFI) is a financial company that manages thousands of accounts across Canada, the United
States, and Mexico. A public company traded on the NYSE, GFI specializes in financial management, loan
application approval, wholesale loan processing, and investment of money management for their customers.
GFI employs over 1,600 employees and has been experiencing consistent growth keeping pace with S&P averages
(approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational
performance through automation and technological innovation has propelled the company into the big leagues; GFI
was only recently profiled in Fortune Magazine.
The executive management team of GFI:
CEO
John Thompson
Vice Presidnet
Trey Elway
Executive
Assistant
Julie Anderson
Executive
Assistant
Kim Johnson
Executive
Assistant
Michelle Wang
CFO
Ron Johnson
COO
Mike Willy
CCO
Andy Murphy
Director of
Marketing
John King
Director of HR
Ted Young
Figure 1 GFI Management Organizational Chart
BACKGROUND AND YOUR ROLE
You are the Computer Security Manager educated, trained, and hired to protect the physical and operational
security of GFI’s corporate information system.
You were hired by COO Mike Willy and currently report to the COO. You are responsible for a $5.25m
annual budget, a staff of 11, and a sprawling and expansive data center located on the 5
th
floor of the
corporate tower. This position is the pinnacle of your career – you are counting on your performance here
to pave the way into a more strategic leadership position in IT, filling a vacancy that you feel is so
significantly lacking from the executive team.
There is actually a reason for this. CEO John Thompson believes that the IT problem is a known quantity –
that is, she feels the IT function can be nearly entirely outsourced at fractions of the cost associated with
creating and maintaining an established internal IT department; the CEO’s strategy has been to prevent IT
from becoming a core competency since so many services can be obtained from 3
rd
parties. Since the CEO
has taken the reigns two years ago, the CEO has made significant headway in cutting your department’s
budget by 30% and reducing half of your staff through outsourcing. This has been a political fight for you:
maintaining and reinforcing the relevance of an internal IT department is a constant struggle. COO Willy’s
act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology
combined with a diminishing IT footprint gravely concerned Jacobson, and he begged to at least bring in a
manager to whom these obligations could be delegated to. Jacobson’s worst nightmare is a situation where
the Confidentiality, Integrity, and Availability of the information system was compromised – bringing the
company to its knees – then having to .
Discussion post unit 6For your assigned topic, please discuss .docxJeniceStuckeyoo
Discussion post unit 6
For your assigned topic, please discuss the following:
topic Gonorrhea/Chlamydia
· Incidence, prevalence, and risk factors
· Clinical manifestation/physical exam performed
· Differential diagnosis
· Diagnostic tests needed
· Pharmacological (first line of treatment) and non-pharmacological management strategies for the condition
· Referral and complications
· One research article that is not more than 5 years old (evidence-based) which may address one of the following (diagnosis, assessment, and treatment or management of the condition)
.
Discussion. Forensic Anthropology and Odontology. AT LEAST 160 WORDS.docxJeniceStuckeyoo
Discussion. Forensic Anthropology and Odontology. AT LEAST 160 WORDS AND ONE REFERENCE.
Bite marks left behind as impressions on a person's body by an attacker have been used in forensic investigations. Odontologists compare the positions and number of teeth, as well as dental work in order to make their comparisons. One of the most famous cases where this type of evidence was used in the case of serial killer Theodore (Ted) Bundy. Bite marks were found on one of his victims which was compared to Bundy's bite mark impression and presented in court. While this may seem like solid evidence of identification, it has become controversial for use in criminal cases.
In your post, explain why this type of analysis is controversial? Provide an example (not Bundy) of a specific criminal case or discussion in the media of this controversy, be sure to include sources. Include your opinion about using this technique in criminal cases.
.
More Related Content
Similar to Code Galore Caselet Using COBIT® 5 for Information Security
Information technology lays out its strategies for using technology and infrastructure to help the company reach its goals. Plans are consistent with available means. There are also a number of novel ideas presented that might be included into the strategy to further improve the outcome. The PMCASPL IT department will aid the company's growth by offering a wide range of IT services such as evaluating data from various units and drawing conclusions on how to proceed with business. IT-employee policy, AI/ML integration, blockchain in AQMS, website/app development (Android/iOS), social media account management (technical side), ERP/ERP enterprise resource planning, cyber security, server system, IT communication, networking setup and management, hardware support, software support, cloud service, and backup system are all within the purview of the IT department. As a result, the IT department will offer technical assistance and creative ideas that add value to the company, allowing it to better carry out its commercial operations.
Focus your efforts, achieve results and scale your technology with Intacct
You work for a fast-growing company. As a finance professional, you hoped for rapid adoption of your product—and the increased revenue that accompanies it—but your growth is beginning to outpace your finance team’s capabilities.
Enter cloud accounting.
Cloud-based accounting solutions offer numerous tools to businesses in your situation, providing multiple modules to handle everything from GL to multi-currency transactions. They offer the flexibility to customize the solution to work the way you do, and the capability to integrate with nearly any outside software package. These cloud solutions can be especially effective for fast-growing technology companies.
Businesses involved in mergers and acquisitions must exercise due di.docxdewhirstichabod
Businesses involved in mergers and acquisitions must exercise due diligence in ensuring that the technology environment of the future organization is robust and adequately protects their information assets and intellectual property.. Such an effort requires time and open sharing to understand the physical locations, computing environment, and any gaps to address. Lack of information sharing can lead to a problematic systems integration and hamper the building of a cohesive enterprise security posture for the merged organization.
Often the urgency of companies undergoing a merger and acquisition (M&A) impedes comprehensive due diligence, especially in cybersecurity. This creates greater challenges for the cybersecurity engineering architect, who typically leads the cybersecurity assessment effort and creates the roadmap for the new enterprise security solution for the future organization. However, the business interest and urgency in completing the merger can also represent an opportunity for CISOs to leverage additional resources and executive attention on strategic security matters.
In this project, you will create a report on system security issues during an M&A. The details of your report, which will also include an executive briefing and summary, can be found in the final step of the project.
There are nine steps to the project. The project as a whole should take two weeks to complete. Begin with the workplace scenario and then continue to Step 1.
Deliverable
Cybersecurity for a Successful Acquisition, Slides to Support Executive Briefing
Step 1: Conduct a Policy Gap Analysis
As you begin Step 1 of your system security report on cybersecurity for mergers and acquisitions, keep in mind that the networks of companies going through an M&A can be subject to cyberattack. As you work through this step and the others, keep these questions in mind:
Are companies going through an M&A prone to more attacks or more focused attacks?
If so, what is the appropriate course of action?
Should the M&A activities be kept confidential?
Now, look at the existing security policies in regard to the acquisition of the media streaming company. You have to explain to the executives that before any systems are integrated, their security policies will need to be reviewed.
Conduct a policy gap analysis to ensure the target company's security policies follow relevant industry standards as well as local, state, and national laws and regulations. In other words, you need to make sure the new company will not inherit any statutory or regulatory noncompliance from either of the two original companies. This step would also identify what, if any, laws and regulations the target company is subject to. If those are different from the laws and regulations the acquiring company is subject to, then this document should answer the following questions:
How would you identify the differences?
How would you learn about the relevant laws and regulations?
How would .
This document brings together a set of latest data points and publicly available information relevant for Platforms & Applications Industry. We are very excited to share this content and believe that readers will benefit from this periodic publication immensely.
In the last past months we at RockeTier were working with several large organizations in three aspects: 1) boosting existing software performance (lean projects); 2) design new systems which are capable process billions of events per day based on commodity hardware and software and 3) establishing processes in large organization that support the life cycle of performance from event management, problem management to establishing a continues performance boosting to the organization systems from RFI to production. This presentation was presented to a large telecommunication industry company. This company is considering implementing a 360 degrees performance boosting project along its main product lines.
Maximizing ROI with Legacy Application MigrationMindfire LLC
A legacy application is a framework or system that is primarily old-fashioned or obsolete. These are frameworks, systems, or equipment that keeps being utilized regardless of their outmoded build. Usually, they’re on-premises applications or frameworks that organizations have been using and have used for a very long time. They usually include applications that run on old languages like COBOL or old operating systems. They can include anything from CRM tools to custom and industry-explicit applications.
Bullzeye is a discount retailer offering a wide range of products,.docxCruzIbarra161
Bullzeye is a discount retailer offering a wide range of products, including: home goods, clothing, toys, and food. The company is a regional retailer with 10 brick-and-mortar stores as well as a popular online store. Due to the recent credit card data breaches of various prominent national retail companies (e.g., Target, Home Depot, Staples), the Bullzeye Board of Directors has taken particular interest in information security, especially as it pertains to the protection of credit cardholder data within the Bullzeye environment. The Board has asked executive management to evaluate and strengthen the enterprise’s information security infrastructure, where needed.
In order to respond to the Board regarding their preparedness for a cyber-security attack, the Chief Financial Officer (CFO) has engaged your IT consulting firm to identify the inherent risks and recommend control remediation strategies to prevent or to detect and appropriately respond to data breaches. Your firm has been requested to liaison with the Internal Audit Department during the engagement. Your first step is to gain an understanding of Bullzeye’s IT environment. The Chief Audit Executive (CAE) schedules a meeting with key Bullzeye leadership personnel, including the CFO, Chief Information Officer (CIO), and Chief Information Security Officer (CISO).
The following key information was obtained.
Background
IT Security Framework/Policy -
Bullzeye has an information security policy, which was developed by the CISO. The policy was developed in response to an internal audit conducted by an external firm hired by the CAE. The policy is not based on one specific IT control framework but considers elements contained within several frameworks. An information security committee has been recently formed to discuss new security risks and to develop mitigation strategies.
The meeting will be held monthly and include the CISO and other key IT Directors reporting to the CIO.
In addition, a training program was implemented last year in order to provide education on various information security topics (e.g., social engineering, malware, etc.). The program requires that all staff within the IT department complete an annual information security training webinar and corresponding quiz. The training program is complemented by a monthly e-mail sent to IT staff, which highlights relevant information security topics.
General IT Environment -
Most employees in the corporate office are assigned a standard desktop computer, although certain management personnel in the corporate and retail locations are issued a laptop if they can demonstrate their need to work remotely. The laptops are given a standard Microsoft Windows operating system image, which includes anti-malware/anti-virus software and patch update software among others. In addition, new laptops are now encrypted; however, desktops and existing laptops are not currently encrypted due to budget concerns. The user provisioning.
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docxbudbarber38650
GLOBAL FINANCE, INC. (GFI)
Global Finance, Inc. (GFI) is a financial company that manages thousands of accounts across Canada, the United
States, and Mexico. A public company traded on the NYSE, GFI specializes in financial management, loan
application approval, wholesale loan processing, and investment of money management for their customers.
GFI employs over 1,600 employees and has been experiencing consistent growth keeping pace with S&P averages
(approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational
performance through automation and technological innovation has propelled the company into the big leagues; GFI
was only recently profiled in Fortune Magazine.
The executive management team of GFI:
CEO
John Thompson
Vice Presidnet
Trey Elway
Executive
Assistant
Julie Anderson
Executive
Assistant
Kim Johnson
Executive
Assistant
Michelle Wang
CFO
Ron Johnson
COO
Mike Willy
CCO
Andy Murphy
Director of
Marketing
John King
Director of HR
Ted Young
Figure 1 GFI Management Organizational Chart
BACKGROUND AND YOUR ROLE
You are the Computer Security Manager educated, trained, and hired to protect the physical and operational
security of GFI’s corporate information system.
You were hired by COO Mike Willy and currently report to the COO. You are responsible for a $5.25m
annual budget, a staff of 11, and a sprawling and expansive data center located on the 5
th
floor of the
corporate tower. This position is the pinnacle of your career – you are counting on your performance here
to pave the way into a more strategic leadership position in IT, filling a vacancy that you feel is so
significantly lacking from the executive team.
There is actually a reason for this. CEO John Thompson believes that the IT problem is a known quantity –
that is, she feels the IT function can be nearly entirely outsourced at fractions of the cost associated with
creating and maintaining an established internal IT department; the CEO’s strategy has been to prevent IT
from becoming a core competency since so many services can be obtained from 3
rd
parties. Since the CEO
has taken the reigns two years ago, the CEO has made significant headway in cutting your department’s
budget by 30% and reducing half of your staff through outsourcing. This has been a political fight for you:
maintaining and reinforcing the relevance of an internal IT department is a constant struggle. COO Willy’s
act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology
combined with a diminishing IT footprint gravely concerned Jacobson, and he begged to at least bring in a
manager to whom these obligations could be delegated to. Jacobson’s worst nightmare is a situation where
the Confidentiality, Integrity, and Availability of the information system was compromised – bringing the
company to its knees – then having to .
Discussion post unit 6For your assigned topic, please discuss .docxJeniceStuckeyoo
Discussion post unit 6
For your assigned topic, please discuss the following:
topic Gonorrhea/Chlamydia
· Incidence, prevalence, and risk factors
· Clinical manifestation/physical exam performed
· Differential diagnosis
· Diagnostic tests needed
· Pharmacological (first line of treatment) and non-pharmacological management strategies for the condition
· Referral and complications
· One research article that is not more than 5 years old (evidence-based) which may address one of the following (diagnosis, assessment, and treatment or management of the condition)
.
Discussion. Forensic Anthropology and Odontology. AT LEAST 160 WORDS.docxJeniceStuckeyoo
Discussion. Forensic Anthropology and Odontology. AT LEAST 160 WORDS AND ONE REFERENCE.
Bite marks left behind as impressions on a person's body by an attacker have been used in forensic investigations. Odontologists compare the positions and number of teeth, as well as dental work in order to make their comparisons. One of the most famous cases where this type of evidence was used in the case of serial killer Theodore (Ted) Bundy. Bite marks were found on one of his victims which was compared to Bundy's bite mark impression and presented in court. While this may seem like solid evidence of identification, it has become controversial for use in criminal cases.
In your post, explain why this type of analysis is controversial? Provide an example (not Bundy) of a specific criminal case or discussion in the media of this controversy, be sure to include sources. Include your opinion about using this technique in criminal cases.
.
Discussion TopicThe initial post is due on Wednesday and n.docxJeniceStuckeyoo
Discussion Topic
The initial post is due on Wednesday and needs to be a minimum of 175 words.
Week 1 questions:
Nutrition is often talked about in everyday pop culture. Nutrition science, however, is not always part of the conversation.
Respond to the following in a minimum of 175 words:
Discuss some examples of nutrition that you see brought up in everyday experiences. These examples can be from blogs, social media, current events, television, magazines, etc.
How many of those examples are supported by knowledge from nutrition science?
How can you determine credible information? Discuss some criteria for determining credible information. What should you look for as red flags when trying to determine if information is credible or not?
Why are people willing to believe information that may not be scientifically proven?
.
Dispite effective designs that aim to achieve good data, however, so.docxJeniceStuckeyoo
Dispite effective designs that aim to achieve good data, however, some anomolies are introduced during use of the data.
Discuss attribute semantics as an informal measure of goodness for a relational schema - that is, ways that attributes and be constructed during conception to achieve
good data.
Illustrate with example
Discuss Insertion, Deletion, and modification anomolies. Why are they considered bad?
Illustrate with examples
.
Why should NULLs in a relation be avoided as much as possible? Discuss the problem of spurious tuples and how to prevent it.
.
Discussion7 For the discussion topic related to Threats to .docxJeniceStuckeyoo
Discussion7:
For the discussion topic related to Threats to Biodiversity, research some information about threats to biodiversity and discuss:
· 2 major threats to biodiversity today.
· Where do these threats come from?
Your main response should be a minimum of 150 words (more is OK). You must also post a minimum of one significant reply to a classmate's post that contributes to their learning by Friday, 11:59 pm. The reply should be a minimum of 100 words.
Response to below discussion: Britt
The two main threats to biodiversity today are habitat loss and pollution. Our environments are seriously threatened by pollution. Pollution in the air, water, soil, and plastics have all have a negative impact on biodiversity. As you travel down the highways, you will see that plastic bottles and wrappers are all over the place, and factory emissions are contaminating the air with ammonia, dust, and soot. Animals suffering from respiratory distress from air pollution also have lower reproductive rates, which reduces biodiversity. In addition to polluting our air, greenhouse gases cause climate change, which destroys hundreds of coral reefs in our oceans. Our fish die from water contamination, which results in a decline in fish diversity. Another significant problem with biodiversity is habitat loss. Many species become extinct due to habitat loss. To develop another structure or establishment, this act entails razinf forests and habitats. Because they are removing such a large number of species from their habitats, this has a significant negative impact on biodiversity. Additionally, some species could become extinct completely as a result of this. These dangers are posed by people and companies that want to build more buildings and tear down forests and habitats to do so.
References:
Hanski, I. (2011). Habitat loss, the dynamics of biodiversity, and a perspective on conservation. 40(3): 248–255.
National Library of Medicine.
Wreglesworth, R. How does pollution affect biodiversity?
Innovate Eco.
.
Discussion Post Post on the Discussion Board a maximum 1000-word o.docxJeniceStuckeyoo
Discussion Post: Post on the Discussion Board a maximum 1000-word on the meaning, role, and value of public relations in global society. Provide robust
analysis
of the place of ethics in the practice of public relations. Do not merely summarize the various ethical approaches; try to apply them. In other words, what does ethical action look like in PR? What
should
it look like? Why?
Cite course readings in your response.
.
Discussion WK 9The Role of the RNAPRN in Policy EvaluationIn .docxJeniceStuckeyoo
Discussion WK 9
The Role of the RN/APRN in Policy Evaluation
In the Module 4 Discussion, you considered how professional nurses can become involved in policy-making. A critical component of any policy design is evaluation of the results. How comfortable are you with the thought of becoming involved with such matters?
Some nurses may be hesitant to get involved with policy evaluation. The preference may be to focus on the care and well-being of their patients; some nurses may feel ill-equipped to enter the realm of policy and political activities. However, as you have examined previously, who better to advocate for patients and effective programs and polices than nurses? Already patient advocates in interactions with doctors and leadership, why not with government and regulatory agencies?
In this Discussion, you will reflect on the role of professional nurses in policy evaluation.
To Prepare:
· In the Module 4 Discussion, you considered how professional nurses can become involved in policy-making.
· Review the Resources and reflect on the role of professional nurses in policy evaluation.
By Day 3 of Week 9
Select an existing healthcare program or policy evaluation or choose one of interest to you.
Review community, state, or federal policy evaluation and reflect on the criteria used to measure the effectiveness of the program or policy described.
Post an evaluation topic and a brief description of the evaluation. Discuss how social determinants impact this issue.
RESOURCES:
Milstead, J. A., & Short, N. M. (2019).
Health policy and politics: A nurse's guide (6th ed.). Jones & Bartlett Learning.
· Chapter 7, “Health Policy and Social Program Evaluation” (pp. 116–124 only)
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5409875/
https://www.sciencedirect.com/user/identity/landing?code=Di7po9j9EMcw3P8H7oOBTNkBnjVKGuf9x44QkC1I&state=retryCounter%3D0%26csrfToken%3D9f776cf2-08bc-4f09-a8f6-072222840d99%26idpPolicy%3Durn%253Acom%253Aelsevier%253Aidp%253Apolicy%253Aproduct%253Ainst_assoc%26returnUrl%3Dhttps%253A%252F%252Fwww.sciencedirect.com%252Fscience%252Farticle%252Fpii%252FS0029655418300617%26prompt%3Dlogin%26cid%3Datp-40f879d1-8ae6-4b6d-b906-4c41401a9ea7
i J LUUU^S
Why Don't We See More Translation
of Health Promotion Research to Practice?
Rethinking the Efficacy-to-Effectiveness Transition
I Russell E. Glasgow, PhD, Edward Lichtenstein, PhD, and Alfred C, Marcus, PhD
The gap between research and practice is well documented. We address one of the
underlying reasons for this gap: the assumption that effectiveness research naturally
and logically follows from successful efficacy research. These 2 research traditions
have evolved different methods and values; consequently, there are inherent differ-
ences between the characteristics of a successful efficacy intervention versus those of
an effectiveness one. Moderating factors that limit robustness across settings, popu-
lations, and intervention staff need to .
Discussion QuestionTelehealth technology has extended the .docxJeniceStuckeyoo
Discussion Question:
Telehealth technology has extended the arms of traditional health care delivery into homes, clinics, and other environments outside the bricks and mortar of hospitals. Will the increased use of these telehealth technology tools be viewed as “de-humanizing” patient care or will they be viewed as a means to promote more contact with healthcare providers and new ways for people to “stay connected” (as online disease support groups), thereby creating better long-term disease management and patient satisfaction?
.
Discussion Chapter FivePlease answer the following question an.docxJeniceStuckeyoo
Discussion: Chapter Five
*Please answer the following question and make sure that your response is 100 words are more and in complete sentences. *
1. How do definitions of criminal responsibility differ among countries?
Career Pathway Initiative: Penal Code
Describe the penal code of the
Federal Republic of Germany, the
Italian Penal Code, and the
French Penal Code.
Final Exam
Research the criminal justice systems in
England,
China,
Pakistan and
Russia. Compare and contrast each one and explain whether or not you agree with their form of government.
Chapter 5: Substantive Law and Procedural Law in the Four Legal Traditions
*Please answer the following questions and make sure that your response is 100 words are more for each and in complete sentences. *
1. How are public law and private law distinguished?
2. How does the search for truth differ between the adversarial and inquisitorial systems?
3. What forms can judicial review take?
4. How can American football and European soccer help explain the adversarial and inquisitorial systems?
Week 6 Discussion Question
Identify the play you chose to study. Did you know the play before you chose it? What stands out for you as you read it for class? What message(s) does the play hold for someone reading or watching it in 2021?
Module 2: Reading Quiz 1
Unit 1: Reading Quiz 3:
Compare/Contrast Gilgamesh and Job as heroes.
Read the
Epic of Gilgamesh (Links to an external site.) and the book of
Job (Links to an external site.).
Compare and Contrast Gilgamesh and Odysseus as heroes.
Use the following guidelines to help you compose your answer:
- How are Gilgamesh and Odysseus similar?
- How are Gilgamesh and Odysseus different?
- What are each hero's strengths?
- What are each hero's weaknesses?
- Which of the two do you think is the ultimate hero?
- Good answers should be at least 250 words.
Plagiarism Reminder
Answers should be in your own words. Do not copy answers from online sources. I am interested in what
you think. If you use language from the text, use quotations marks (Example: "In the land of Uz there lived a man whose name was Job.").
Task Three: Activities for Homer's Odyssey
Read through the Homer Study Guide and all of the Activities below before making your selection. Make a copy of the Activity question to begin your response. Upload your Activity here. Title your entry, "Activity 3." These Activity entries must be thoughtful; each one should be the equivalent of at least a full typed page or more in length (e.g. not less than 250 words). They may be longer if you need to say more on your topic. You will not be able to do these Activity entries properly unless you have carefully read the assigned literature.
· Athena is Odysseus' patron deity; he is her favorite human being. Look at some of t.
Discussion Rubric: Undergraduate
Your active participation in the discussion forums is essential to your overall success this term. Discussion questions are designed to help you make meaningful
connections between the course content and the larger concepts and goals of the course. These discussions offer you the opportunity to express your own
thoughts, ask questions for clarification, and gain insight from your classmates’ responses and instructor’s guidance.
Requirements for Discussion Board Assignments
Students are required to post one initial post and to follow up with at least two response posts for each discussion board assignment.
For your initial post (1), you must do the following:
Compose a post of one to two paragraphs.
In Module One, complete the initial post by Thursday at 11:59 p.m.
Eastern Time.
In Modules Two through Eight, complete the initial post by Thursday at
11:59 p.m. of your local time zone.
Take into consideration material such as course content and other
discussion boards from the current module and previous modules, when
appropriate (make sure you are using proper citation methods for your
discipline when referencing scholarly or popular resources).
For your response posts (2), you must do the following:
Reply to at least two different classmates outside of your own initial
post thread.
In Module One, complete the two response posts by Sunday at 11:59
p.m. Eastern Time.
In Modules Two through Eight, complete the two response posts by
Sunday at 11:59 p.m. of your local time zone.
Demonstrate more depth and thought than simply stating that “I agree”
or “You are wrong.” Guidance is provided for you in each discussion
prompt.
Rubric
Critical Elements Exemplary Proficient Needs Improvement Not Evident Value
Comprehension Develops an initial post with an
organized, clear point of view or
idea using rich and significant detail
(100%)
Develops an initial post with a
point of view or idea using
adequate organization and
detail (85%)
Develops an initial post with a
point of view or idea but with
some gaps in organization and
detail (55%)
Does not develop an initial post
with an organized point of view
or idea (0%)
40
Timeliness Submits initial post on time
(100%)
Submits initial post one day late
(55%)
Submits initial post two or more
days late (0%)
10
Engagement Provides relevant and meaningful
response posts with clarifying
explanation and detail (100%)
Provides relevant response
posts with some explanation
and detail (85%)
Provides somewhat relevant
response posts with some
explanation and detail (55%)
Provides response posts that
are generic with little
explanation or detail (0%)
30
Writing
(Mechanics)
Writes posts that are easily
understood, clear, and concise
using proper citation methods
where applicable with no errors in
citations (100.
Discussion Communicating in Your InternshipDirectionsKiser, C.docxJeniceStuckeyoo
Discussion: Communicating in Your Internship
Directions
Kiser, Chapter 6: Communicating in Your Internship, describes the clientele who access HUS settings and successful communication skills for HUS practitioners. Throughout your HUS courses, you have been exposed to theoretical perspectives regarding individuals, groups, families, and agencies, and reviewed counseling, mental health, aging, multiculturalism, case management, and social policy. Now the time has come to apply your knowledge directly with human beings. As you have progressed through your internship and have reached the halfway mark, you have had opportunities to not only interact with clients but to observe situations in which you have been challenged to remain neutral and communicate effectively.
For your initial post:
1. Describe your client population. Cite Kiser Chapter 6 material to explain some of the characteristics of this group and some of the challenges a HUS professional might encounter.
2. Discuss what you have learned in your HUS coursework that has helped you to understand and work with this clientele. Specifically name the course and information. For example: Family Systems and Dynamics helped me to understand that the whole family plays a part in the problem that the client presents. Ethics taught me that the professional role has clear boundaries and that I must be aware of those boundaries to help my clients without violating ethical standards. Group Dynamics taught me that conflict and power may make it hard to serve my client population. Please refer to the courses you have taken.
3. Discuss at least 2 areas that have been more difficult as you work with the clientele.
4. Discuss your understanding of what roadblocks have been presented for you to overcome, for example, personal beliefs and values regarding conflict, anger, addiction, poverty, incarceration, aging, gender, culture, religion. It is important to be honest and own that although being objective is an ideal, as human beings, our own biases and beliefs will be brought into sharp relief as we deal directly with others who are facing challenges in their lives.
5. Discuss what you can do to work towards more neutrality when faced with clients who challenge you. Give at least three methods you can use to help you overcome these challenges.
Weaknesses
What could MH SW improve?
STRENGHT(What does Memorial Herman do well)
WEAKNESS (what could improve about Memorial Hermann)
· High Reliability: Memorial Hermann Southwest has established the framework with its leadership team to focus on achieving the goal of zero harm. They do this by empowering employees to speak up and making organizational safety a priority. They have received recognition by the ANCC as a magnet facility as well as receiving the Birnbaum quality leadership award for quality and safety.
· Successful clinical outcomes: recognized by the American heart association as a high-quality stroke care facility. Their mission and vision is.
Discussion Topic- Concepts of Managed Care Health insurance comp.docxJeniceStuckeyoo
Discussion Topic- Concepts of Managed Care
Health insurance companies cover services they define as medically necessary. Medical necessity is a decision made by a health plan as to whether the treatment, test, or procedure is necessary for a patient’s health or to treat a medical problem. Third-party payers (aka Insurance companies or health plans) often require documentation to illustrate medical necessity for treatment before payment will be made.
For your main Discussion post, evaluate and examine medical necessity from a
provider’s
(doctor, hospital, clinic, etc.) point of a view
and
from a
payer’s
/health plan’s (Aetna, Cigna, Affinity, Healthfirst, etc.) point of view.
Research then discuss the role
evidence-based clinical criteria and guidelines
play with regard to medical necessity.
At least 250 words
Chapter 5
Required Textbooks:Kongstvedt, P., Health Insurance and Managed Care: What They Are and How TheyWork, 5th. Edition. Sudbury, MA: Jones and Bartlett.ISBN- 978-1-284-15209-8 or EBook-ISBN-978-1-284-09487-9
.
Discussion Prompt #1 - Juveniles as AdultsThe juvenile jus.docxJeniceStuckeyoo
Discussion Prompt #1 - Juvenile's as Adults?
The juvenile justice system has evolved into a parallel yet independent system of justice with its own terminology and rules of prosecution. The primary purpose of juvenile procedures is protection and treatment; with adults, the aim is to punish the guilty. Are there any circumstances in which you believe that a juvenile may be tried as adults? On what basis have you arrived at this answer?
Discussion Prompt #2 - After School Programs
A major preventive advantage of school for juveniles is the monitoring and social control that principals, teachers, and other school staff provide. Some juveniles are on their own after school because their parents are at work. This time period can create opportunities for crime and delinquency. After-school programs can keep children and adolescents engaged in structured, prosocial activities until their parents return from work. How important are after-school programs for at-risk youth? Provide an example of an after-school youth program that is effective in engaging children and adolescents.
.
Discussion Question Contrast file encryption and volume encryptio.docxJeniceStuckeyoo
Discussion Question: Contrast file encryption and volume encryption
· The discussion assignment requires an Original Posting (main post) from you of 2-3 paragraphs answering the module's question.
· In addition to your main post, you must post
three responses to other posts made by your classmates. These can be replies to other main posts or responding to student replies on your thread.
PLEASE RESPOND TO THE PEER POSTS BELOW
PEER 1
Ransomware works via finding its way onto a host computer, it's a kind of malware so it's like when your computer gets sick and slows it down but instead it locks out all your stuff. Usually what they ask for in return for control of your files is money, but sometimes they will ask for other important things. The FBI doesn't condone giving the attackers what they want because it's more than likely that they'll just take the money and keep your stuff locked, they'll possibly even ask for more. That's why they stress how important it is that if this happens to you then you should go to them for help. If your in a company then you ask your IT department.
The software goes through this encryption phase where it starts encrypting all the files on your computer until it's all locked and you can tell if something is encrypted usually because the file will have an extension added onto it. Such as .aaa , .micro , .encrypted , .ttt , .xyz , .zzz , .locky , .crypt , .cryptolocker , .vault , or .petya. These extensions are an indication that a file has been partially or fully encrypted. What's recommended is that as soon as you find out that your files are being locked, you disconnect from all wireless connections and other computing devices, because this virus can and will spread to cause even more havoc. It can spread across your network and ruin other computers on said network.
Ransomware is normally delivered by drive-by downloads or email phishing. Drive-by downloads are a fancy way of saying a download that you pick up while browsing a site and it runs in the background. Email phishing is one of the reasons you don't click on links from emails from anyone, even from trusted sources. If you know who the email is coming from your best bet is to get with them personally to make sure that it's a valid email and that it's not an attacker. If a ransom is paid though, the attack may give you an encryption key to unlock your files, if your lucky enough. Why take a chance though, you should always take the smart path and make sure that you contact the proper authorities if you come across anything like this in your time. Also make sure to back up your computer files, it may sound obvious enough to want to put it off and procrastinate this, but the longer you wait the more at risk you are.
PEER 2
This week, I have decided to write my discussion post about ransomware and explain how it works. I've always found it one of the more interesting topics in cybersecurity. The idea behind ransomware is quite si.
Discussion Board #4
50
50 unread replies.
50
50 replies.
Discussion Board #4: Reporting and Measuring Financial Performance
1.Explain the purpose of income statements, balance sheets, statement of changes in net worth and the statement of cash flows
2. Explain the role of financial ratios in financial management.
3. Describe the role of and use trend analysis.
.
Discussion Ethics in Cross-Cultural ResearchWhile many psyc.docxJeniceStuckeyoo
Discussion: Ethics in Cross-Cultural Research
While many psychologists may be familiar with ethical considerations in their own culture, such as the use of Institutional Review Boards (IRBs) to review research, or the existence of professional documents such as American Psychological Association’s (APA) code of ethics, when conducting research outside of their majority home culture, they may be at a loss. For instance, the psychologist may not be aware of different rules and regulations for research in different nations, or about various spoken and unspoken cultural beliefs about morals and ethics and the role and purpose of research, such as differing understandings and beliefs about what merits co-authorship or what constitutes privacy and confidentiality. Familiarizing yourself with such ethical considerations will be important for you to understand in your future professional practice.
For this Discussion, you will examine ethical issues related to cross-cultural research and the necessary course of action.
To Prepare:
Consider the following:
Professor Plum wants to investigate cross-cultural differences in attitudes towards different foods. He is very interested in nation “X”. However, he has never been there nor does he know the language or culture or the political situation. He also does not know if there are any psychologists living in that nation. Understanding attitudes about foods in this nation may help with people with eating disorders in Professor Plum’s country and eventually may help people with eating disorders in many nations.
As you consider Professor Plum’s research, think about the impact of his plans on human subject protection. Also, consider the ethical implications of the aims of his research purposes and his ability to gain information that will accurately represent those from whom he collects data.
Before Professor Plum begins his research,
post
and explain some of the potential ethical issues he will need to consider (i.e., impact on human subject protection) and why this is an important consideration. Further explain two ethical issues and suggest what courses of action might be appropriate.
Learning Resources
Required Readings
Haffejee, S., & Theron, L. (2018). Contextual risks and resilience enablers in South Africa: The case of Precious. In G. Rich & S. Sirikantraporn (Eds.),
Human strengths and resilience: Developmental, cross-cultural, and international perspectives
(pp. 87–104).Lanham, MD: Lexington Books.
Credit Line: Human Strengths and Resilience: Developmental, Cross-Cultural, and International Perspectives, by Rich, G.; Sirikantraporn, S. Copyright 2018 by Lexington Books. Reprinted by permission of Lexington Books via the Copyright Clearance Center.
Ice, G.H., Dufour, D. L., & Stevens, N. J. (2015).
Disasters in field research: Preparing for and coping with unexpected events.
New York, NY: Rowman & Littlefield.
Credit Line: Disasters in Field Research: Preparing for and Cop.
Discussion 2Locate current or proposed legislation, city rul.docxJeniceStuckeyoo
Discussion 2
Locate current or proposed legislation, city rules, or ordinances that have the potential to affect the environment in your area. Summarize the legislation and draw conclusions about the impact legislation will have on environmental practices.
GUIDELINES
Visit the website of a legislative body that has the ability to create rules, codes, or ordinances that impact the environment. Examples of these types of agencies include: Green Dallas, Fort Worth Environmental Management Department, Texas House of Representatives Committee on Environmental Regulation, U.S. House of Representatives Committee on Natural Resources, U.S. Senate Committee on Environment and Public Works and U.S. Environmental Protection Agency (EPA). Select one piece of legislation (or rule, or ordinance), either proposed or actual, and summarize it for the class. Ideally, you should select legislation that will directly impact your community.
· Review the discussion board prior to selecting a proposal or prior to posting your message to the discussion board in order to avoid duplicating resources.
· List the title of the legislative bill, rule, or ordinance. Include the title of the legislative body that drafted, proposed, or authorized the legislation.
· Summarize the environmental legislation in one or two paragraphs. Identify key concepts included in the legislation.
· In your opinion, what is the potential or realized impact of this legislation on the community?
· Do you agree or disagree with the legislation? Support your answer.
· Your original post should consist of complete sentences and should be at least two complete paragraphs but no more than three paragraphs.
.
Discussion 2 Advantages and Disadvantages of Different Methods .docxJeniceStuckeyoo
Discussion 2: Advantages and Disadvantages of Different Methods in Cross-Cultural Research
In cross-cultural psychology research, a broad range of techniques is utilized to determine the best way to access critical data. Each technique has its advantages and disadvantages. For example, laboratory experiments may offer great control and ability to examine issues of cause and effect, but may not always reflect actual real-world conditions, especially in cross cultural situations. As an additional example, long term field work and interviews conducted by living in a given cultural setting for a year or two, may offer the possibility of many nuanced observations, yet such qualitative work will not lead to statistical or experimental designs. Each method tends to have pros and cons, rather than one method being the "right" one for every situation. For this Discussion, you will explore the advantages and disadvantages of using different research methods in cross-cultural research.
Post
and explain one advantage and one disadvantage of quantitative research for cross-cultural psychology. Then, describe one advantage and one disadvantage of qualitative research for cross-cultural psychology. Use examples from the studies provided to support your thinking.
Learning Resources
Required Readings
Karasz, A., & Singelis, T. M. (2009). Qualitative and mixed methods research in cross-cultural psychology: Introduction to the special issue.
Journal of Cross-Cultural Psychology, 40
(6), 909–916
Leech, N. L., & Onwuegbuzie, A. J. (2009). A typology of mixed methods research designs.
Quality and Quantity, 43
(2), 265–275. doi:10.1007/s11135-007-9105-3
Malda, M., Van de Vijver, F. J. R., Srinivasan, K., Transler, C., Sukumar, P., & Rao, K. (2008). Adapting a cognitive test for a different culture: An illustration of qualitative procedures.
Psychology Science Quarterly, 50
(4), 451–468.
Miller, K. E., Omidian, P., Quraishy, A. S., Quraishy, N., Nasiry, M. N., Nasiry, S.,... & Yaqubi, A. A. (2006). The Afghan symptom checklist: A culturally grounded approach to mental health assessment in a conflict zone.
American Journal of Orthopsychiatry, 76
(4), 423–433.
Rich, G., Sirikantraporn, S., & Jean-Charles, W. (2018). The concept of posttraumatic growth in an adult sample from Port-Au-Prince, Haiti: A mixed methods study. In G. Rich & S. Sirikantraporn (Eds.),
Human strengths and resilience: Developmental, cross-cultural, and international Perspectives
(pp. 21–38).Lanham, MD: Lexington Books.
Credit Line: International Differences in Well-Being, by Diener, J.; Helliwell, J. ; Kahneman, D. Copyright 2010 by Oxford University Press. Reprinted by permission of Oxford University Press via the Copyright Clearance Center.
Van de Vijver, F. J. R. (2009). Types of comparative studies in cross-cultural psychology.
Online readings in psychology and culture, 2
(2), pp.1–12.
Credit Line: Fons J. R. van de Vijver. (2009). Types of Comparative Studies in Cross.
Intermediate Accounting II Discussion QuestionImagine you are t.docxJeniceStuckeyoo
Intermediate Accounting II Discussion Question:
Imagine you are the senior accountant in the Fixed Assets department at your organization, and management is undecided as to whether it should construct its fixed assets or purchase such assets from an outside source. You are responsible for preparing a report to management, highlighting the advantages and disadvantages of self-constructed assets. Suggest to management two (2) advantages of purchasing the assets from an outside organization, as opposed to constructing the assets internally. Justify your response.
Imagine that management is considering a nonreciprocal transfer of an old asset. Determine the key arguments for and against the accounting treatment of a nonreciprocal transfer. Select a position for or against the accounting treatment, and explain the method that reflects the best accounting practice.
.
Interaction Paper 1 InstructionsFor this Interaction Paper, yo.docxJeniceStuckeyoo
Interaction Paper 1 Instructions
For this Interaction Paper, you will choose a topic from the list below and write a 7–8-page paper based on methods of conflict resolution.
You will be required to show your understanding of issues that cause conflict and the methods/resources being used today towards specific resolution.
Special permission to choose and write on a topic not included on the list may be secured from the instructor.
Area 1 Topics
Area 1 topics are about conflict and are theoretical in nature.
Your interaction paper should:
Clearly define your purpose and clarify a specific question to answer.
Your purpose should be general in nature and serve to prompt a more specific question that you will attempt to answer.
For example, using the “Hillary Clinton as Peace Maker” topic, the purpose might be to explore how world leaders act as intermediaries to achieve diplomacy.
The specific question could be, “How has Hillary Clinton made attempts to maintain peace between the U.S. and hostile countries like North Korea and Iran?”
Specify a method for how you will accomplish your purpose and answer your question.
This step is a preview of your research, and you will briefly indicate the tools you used
to conduct your study.
You may use any number of methods: surveying literature or journal articles, conducting surveys, studying historical cases, etc.
Demonstrate your research.
In this section, you will provide the details of your research process.
Your input here should comprise the majority of your content.
Draw some conclusions you reached.
In this section, you will answer the question you posed in Step 1.
Summarize the results of your research.
Give recommendations for further study.
Choose your topic from the list below:
·
The Biblical mandate for resolving conflict
·
Interpersonal Conflict and the Scriptures
·
Examples of IP conflict between man and God and man and man in Scripture.
·
The importance and significance of “forgiveness” in resolving conflict.
·
Techniques that may be used for international conflict reconciliation
·
Jimmy Carter as Peace Maker
·
Condoleezza Rice as Conflict Resolver
·
Bill Clinton as Conflict Resolver
·
President Obama as Conflict Resolver
·
Negotiation
·
Kissinger as Effective Negotiator
·
Hillary Clinton as Conflict Resolver
·
Mediation and conflict resolution in job disputes
·
Barriers to Conflict Resolution
·
Peacekeeping and Conflict Resolution
·
Business Management Methods of Handling Conflict.
·
The Functions of Conflict
·
Dealing with Racism as conflict
·
Dealing with Gender as conflict
·
Dealing with
Multicultural conflicts
·
Forgiveness and Reconciliation in Conflict
·
Social-Psychological Perspectives of Conflict
·
Conflict Climates
·
Stress and Conflict Affects
·
Anger and Conflict Affects
·
Confrontation and Conflict
·
Listening and Conflict
·
The Church as a Stimulus for Peacemaking
·
.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
2. Products
Sales
Financials
Background Information
Building a comprehensive business function automation
software that performs many functions (decision making in
approaching new initiatives, goal setting and tracking, financial
accounting, a payment system, and much more).
The software is largely the joint brainchild of the Chief
Technology Officer (CTO) and a highly visionary Marketing
Manager who left the company a year ago
5
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
Background Information – What We Do
Financed 100% by investors who are extremely anxious to make
a profit.
Investors have invested more than US $35 million since
inception and have not received any returns.
The organization expected a small profit in the last two
quarters. However, the weak economy led to the cancellation of
several large orders. As a result, the organization was in the red
each quarter by approximately US $250,000.
6
Background Information – Financials
What we do
3. Org. Structure
Operational
Industry
Products
Sales
Financials
Code Galore is a privately held company with a budget of US
$15 million per year. Sales last year totaled US $13.5 million
(as mentioned earlier, the company came within US $250,000 of
being profitable each of the last two quarters).
The investors hold the preponderance of the company’s stock;
share options are given to employees in the form of stock
options that can be purchased for US $1 per share if the
company ever goes public.
Code Galore spends about five percent of its annual budget on
marketing. Its marketing efforts focus on portraying other
financial function automation applications as ‘point solutions’
in contrast to Code Galore’s product.
7
Background Information – Financials
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
8
Background Information – Org. Structure
Figure 1—Code Galore Organisational Chart
CEO
CSO
4. VP, Finance
VP, Business
CTO
VP, Human Resources
Security
Administrator
Sales Mgr
Accounting
Dir.
Sr. Financial
Analyst
Infrastructure
Mgr.
Sys. Dev. Mgr.
HR Manager
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
The board of directors:
5. Consists of seasoned professionals with many years of
experience in the software industry
Is scattered all over the world and seldom meets, except by
teleconference
Is uneasy with Code Galore being stretched so thin financially,
and a few members have tendered their resignations within the
last few months
9
Background Information – Org. Structure
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
The CEO:
Is the former chief financial officer (CFO) of Code Galore that
replaced the original CEO who resigned to pursue another
opportunity two years ago
Has a good deal of business knowledge, a moderate amount of
experience as a C-level officer, but no prior experience as a
CEO
As a former CFO, tends to focus more on cost cutting than on
creating a vision for developing more business and getting
better at what Code Galore does best
Background Information – Org. Structure
10
What we do
Org. Structure
Operational
Industry
Products
6. Sales
Financials
Engineers perform code installations. The time to get the
product completely installed and customized to the customer’s
environment can exceed one month with costs higher than US
$60,000 to the customer.
Labour and purchase costs are too high for small and medium-
sized businesses. So far, only large companies in the US and
Canada have bought the product.
C-level officers and board members know that they have
developed a highly functional, unique product for which there is
really no competition. They believe that, in time, more
companies will become interested in this product, but the
proverbial time bomb is ticking. Investors have stretched
themselves to invest US $35 million in the company, and are
unwilling to invest much more.
11
Background Information – Operational
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
Business function automation software is a profitable area for
many software vendors because it automates tasks that
previously had to be performed manually or that software did
not adequately support.
The business function automation software arena has many
7. products developed by many vendors. However, Code Galore is
a unique niche player that does not really compete (at least on
an individual basis) with other business automation software
companies.
Background Information – Industry
12
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
The product is comprehensive—at least four other software
products would have to be purchased and implemented to cover
the range of functions that Code Galore’s product covers.
Additionally, the product integrates information and statistics
throughout all functions—each function is aware of what is
occurring in the other functions and can adjust what it does
accordingly, leading to better decision aiding.
Background Information – Products
13
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
Sales have been slower than expected, mainly due to a
combination of the economic recession and the high price and
complexity of the product.
8. The price is not just due to the cost of software development; it
also is due to the configuration labour required to get the
product running suitably for its customers.
Background Information – Sales
14
What we do
Org. Structure
Operational
Industry
Products
Sales
Financials
Acquisition
Code Galore is in many ways fighting for its life, and the fact
that, four months ago, the board of directors made the decision
to acquire a small software start-up company, Skyhaven
Software, has not helped the cash situation.
Skyhaven consists of approximately 15 people, mostly
programmers who work at the company’s small office in
Phoenix, Arizona, USA. Originally, the only connection
between your network and Skyhaven’s was an archaic public
switched telephone network (PSTN).
Setting up a WAN
Two months ago, your company’s IT director was tasked with
setting up a dedicated wide area network (WAN) connection to
allow the former Skyhaven staff to remotely access Code
Galore’s internal network and vice versa.
You requested that this implementation be delayed until the
security implications of having this new access route into your
network were better understood, but the CEO denied your
request on the grounds that it would delay a critical business
initiative, namely getting Skyhaven’s code integrated into Code
Galore’s.
9. 15
The Problems
Information Security
More recently, you have discovered that the connection does not
require a password for access and that, once a connection to the
internal network is established from outside the network, it is
possible to connect to every server within the network,
including the server that holds Code Galore’s source code and
software library and the server that houses employee payroll,
benefits and medical insurance information.
Fortunately, access control lists (ACLs) limit the abili ty of
anyone to access these sensitive files, but a recent vulnerability
scan showed that both servers have vulnerabilities that could
allow an attacker to gain unauthorised remote privileged access.
You have told the IT director that these vulnerabilities need to
be patched, but because of the concern that patching them may
cause them to crash or behave unreliably and because Code
Galore must soon become profitable or else, you have granted
the IT director a delay of one month in patching the servers.
16
The Problems – Overview
Bots
What now really worries you is that, earlier today, monitoring
by one of the security engineers who does some work for you
has shown that several hosts in Skyhaven’s network were found
to have bots installed in them.
10. Source Code
Furthermore, one of the Skyhaven programmers has told you
that Skyhaven source code (which is to be integrated into Code
Galore’s source code as soon as the Skyhaven programmers are
through with the release on which they are currently working) i s
on just about every Skyhaven machine, regardless of whether it
is a workstation or server.
17
The Problems – Overview
Code Galore vs. Skyhaven Employee knowledge
Code Galore employees are, in general, above average in their
knowledge and awareness of information security, due in large
part to an effective security awareness programme that you set
up two months after you started working at Code Galore and
have managed ever since.
You offer monthly brown bag lunch events in a large conference
room, display posters reminding employees not to engage in
actions such as opening attachments that they are not expecting,
and send a short monthly newsletter informing employees of the
direction in which the company is going in terms of security and
how they can help.
Very few incidents due to bad user security practices occurred
until Skyhaven Software was acquired. Skyhaven’s employees
appear to have almost no knowledge of information security.
You also have discovered that the Skyhaven employee who
informally provides technical assistance does not make backups
and has done little in terms of security configuration and patch
management.
18
The Problems – Overview
11. 19
Your Role
Hired two years ago as the only Chief Security Officer (CSO)
this company has ever had.
Report directly to the Chief Executive Officer (CEO).
Attend the weekly senior management meeting in which goals
are set, progress reports are given and issues to be resolved are
discussed.
The Information Security Department consists of just you; tw o
members of the security engineering team from software are
available eight hours each week.
10 years of experience as an information security manager, five
of which as a CSO, but you have no previous experience in the
software arena.
Four years of experience as a junior IT auditor.
Undergraduate degree in managing information systems and
have earned many continuing professional education credits in
information security, management and audit areas.
Five years ago, you earned your CISM certification.
The focus here is not on a business unit, but rather on Code
Galore as a whole, particularly on security risk that could
cripple the business.
Due primarily to cost-cutting measures the CEO has put in
place, your annual budget has been substantially less than you
requested each year.
Frankly, you have been lucky that no serious incident has
occurred so far. You know that in many ways your company has
been tempting fate.
You do the best you can with what you have, but levels of
12. unmitigated risk in some critical areas are fairly high.
Your Role and the Business Units
20
Mr. Wingate’s focus on cost cutting is a major reason that you
have not been able to obtain more resources for security risk
mitigation measures.
He is calm and fairly personable, but only a fair communicator,
something that results in your having to devote extra effort in
trying to learn his expectations of your company’s information
security risk mitigation effort and keeping him advised of risk
vectors and major developments and successes of this effort.
21
Your Role and the CEO, Ernest Wingate
Code Galore’s IT director is Carmela Duarte. She has put a
system of change control into effect for all IT activities
involving hardware and software.
This system is almost perfect for Code Galore—it is neither
draconian nor too lax and very few employees have any
complaints against it.
You have an excellent working relationship with her, and
although she is under considerable pressure from her boss, the
CTO, and the rest of C-level management to take shortcuts, she
usually tries to do what is right from a security control
perspective.
20. ‣ The loss magnitude scale described in this section is adjusted
for a specific organizational size and risk
capacity. Labels used in the scale (e.g., “Severe”, “Low”, etc.)
may need to be adjusted when analyzing
organizations of different sizes
‣ This process is a simplified, introductory version that may
not be appropriate for some analyses
Basic FAIR analysis is comprised of ten steps in four stages:
Stage 1 – Identify scenario components
1. Identify the asset at risk
2. Identify the threat community under consideration
Stage 2 – Evaluate Loss Event Frequency (LEF)
3. Estimate the probable Threat Event Frequency (TEF)
4. Estimate the Threat Capability (TCap)
5. Estimate Control strength (CS)
6. Derive Vulnerability (Vuln)
7. Derive Loss Event Frequency (LEF)
Stage 3 – Evaluate Probable Loss Magnitude (PLM)
8. Estimate worst-case loss
9. Estimate probable loss
21. Stage 4 – Derive and articulate Risk
10. Derive and articulate Risk
Risk
Loss Event
Frequency
Probable Loss
Magnitude
Threat Event
Frequency
Vulnerability
Contact Action
Control
Strength
Threat
Capability
Primary Loss
Factors
Secondary
Loss Factors
Asset Loss
Factors
Threat Loss
Factors
22. Organizational
Loss Factors
External Loss
Factors
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Stage 1 – Identify Scenario Components
Step 1 – Identify the Asset(s) at risk
In order to estimate the control and value characteristics within
a risk analysis, the analyst must first identify the asset
(object) under evaluation. If a multilevel analysis is being
performed, the analyst will need to identify and evaluate the
primary asset (object) at risk and all meta-objects that exist
between the primary asset and the threat community. This
guide is intended for use in simple, single level risk analysis,
and does not describe the additional steps required for a
multilevel analysis.
Asset(s) at risk:
_____________________________________________________
_
Step 2 – Identify the Threat Community
23. In order to estimate Threat Event Frequency (TEF) and Threat
Capability (TCap), a specific threat community must first be
identified. At minimum, when evaluating the risk associated
with malicious acts, the analyst has to decide whether the
threat community is human or malware, and internal or external.
In most circumstances, it’s appropriate to define the
threat community more specifically – e.g., network engineers,
cleaning crew, etc., and characterize the expected nature
of the community. This document does not include guidance in
how to perform broad-spectrum (i.e., multi-threat
community) analyses.
Threat community:
_____________________________________________________
_
Characterization
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Stage 2 – Evaluate Loss Event Frequency
Step 3 – Threat Event Frequency (TEF)
The probable frequency, within a given timeframe, that a threat
agent will act against an asset
24. Contributing factors: Contact Frequency, Probability of Action
n
Very High (VH) > 100 times per year
High (H) Between 10 and 100 times per year
Moderate (M) Between 1 and 10 times per year
Low (L) Between .1 and 1 times per year
Very Low (VL) < .1 times per year (less than once every ten
years)
Rationale
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Step 4 – Threat Capability (Tcap)
The probable level of force that a threat agent is capable of
applying against an asset
Contributing factors: Skill, Resources
Description
Very High (VH) Top 2% when compared against the overall
threat population
25. High (H) Top 16% when compared against the overall threat
population
Moderate (M) Average skill and resources (between bottom 16%
and top 16%)
Low (L) Bottom 16% when compared against the overall threat
population
Very Low (VL) Bottom 2% when compared against the overall
threat population
Rationale
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Step 5 – Control strength (CS)
The expected effectiveness of controls, over a given timeframe,
as measured against a baseline
level of force
Contributing factors: Strength, Assurance
Very High (VH) Protects against all but the top 2% of an avg.
threat population
High (H) Protects against all but the top 16% of an avg. threat
population
26. Moderate (M) Protects against the average threat agent
Low (L) Only protects against bottom 16% of an avg. threat
population
Very Low (VL) Only protects against bottom 2% of an avg.
threat population
Rationale
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Step 6 – Vulnerability (Vuln)
The probability that an asset will be unable to resist the actions
of a threat agent
Tcap (from step 4):
CS (from step 5):
Vulnerability
VH VH VH VH H M
H VH VH H M L
Tcap M VH H M L VL
L H M L VL VL
27. VL M L VL VL VL
VL L M H VH
Control Strength
Vuln (from matrix above):
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Step 7 – Loss Event Frequency (LEF)
The probable frequency, within a given timeframe, that a threat
agent will inflict harm upon an
asset
TEF (from step 3):
Vuln (from step 6):
Loss Event Frequency
VH M H VH VH VH
H L M H H H
TEF M VL L M M M
L VL VL L L L
28. VL VL VL VL VL VL
VL L M H VH
Vulnerability
LEF (from matrix above):
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Stage 3 – Evaluate Probable Loss Magnitude
Step 8 – Estimate worst-case loss
Estimate worst-case magnitude using the following three steps:
‣ Determine the threat action that would most likely result in a
worst-case outcome
‣ Estimate the magnitude for each loss form associated with
that threat action
‣ “Sum” the loss form magnitudes
Loss Forms
Threat Actions Productivity Response Replacement
Fine/Judgments Comp. Adv. Reputation
Access
Misuse
Disclosure
29. Modification
Deny Access
Magnitude Range Low End Range High End
Severe (SV) $10,000,000 --
High (H) $1,000,000 $9,999,999
Significant (Sg) $100,000 $999,999
Moderate (M) $10,000 $99,999
Low (L) $1,000 $9,999
Very Low (VL) $0 $999
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Step 9 – Estimate probable loss
Estimate probable loss magnitude using the following three
steps:
‣ Identify the most likely threat community action(s)
‣ Evaluate the probable loss magnitude for each loss form
‣ “Sum” the magnitudes
Loss Forms
30. Threat Actions Productivity Response Replacement
Fine/Judgments Comp. Adv. Reputation
Access
Misuse
Disclosure
Modification
Deny Access
Magnitude Range Low End Range High End
Severe (SV) $10,000,000 --
High (H) $1,000,000 $9,999,999
Significant (Sg) $100,000 $999,999
Moderate (M) $10,000 $99,999
Low (L) $1,000 $9,999
Very Low (VL) $0 $999
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC
Stage 4 – Derive and Articulate Risk
Step 10 – Derive and Articulate Risk
31. The probable frequency and probable magnitude of future loss
Well-articulated risk analyses provide decision-makers with at
least two key pieces of information:
‣ The estimated loss event frequency (LEF), and
‣ The estimated probable loss magnitude (PLM)
This information can be conveyed through text, charts, or both.
In most circumstances, it’s advisable to also provide the
estimated high-end loss potential so that the decision-maker is
aware of what the worst-case scenario might look like.
Depending upon the scenario, additional specific information
may be warranted if, for example:
‣ Significant due diligence exposure exists
‣ Significant reputation, legal, or regulatory considerations
exist
Risk
Severe H H C C C
High M H H C C
PLM Significant M M H H C
Moderate L M M H H
Low L L M M M
Very Low L L M M M
32. VL L M H VH
LEF
LEF (from step 7):
PLM (from step 9):
WCLM (from step 8):
Key Risk Level
C Critical
H High
M Medium
L Low
FAIR™ Basic Risk Assessment Guide
All Content Copyright Risk Management Insight, LLC