SlideShare a Scribd company logo

07057 Topic Risk Assessment (Global Finance, INC (GFI)Number o.docx

Download as DOCX, PDF
S
smithhedwards48727

07057 Topic: Risk Assessment (Global Finance, INC (GFI) Number of Pages: 6 (Double Spaced) Number of sources: 5 Writing Style: APA Type of document: Other (Not listed) Academic Level:Undergraduate Category: IT Management Language Style: English (U.S.) Order Instructions: ATTACHED This is a Risk assessment paper in which all complete instruction are uploaded. Please follow all instructions. As far as the 15 page minimum, I understand that I requested only a 6 page paper. The other 8 pages will be written by me. Please ensure you utilize the grading rubric to summarize all key points. All information that is written will be derived from the uploaded document. Use the Assignment section to cover all key points that needs to be addressed. For your conclusion please provide an executive summary conclusion. The quantitative and qualitative risk factor is crucial in this paper. GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a financial company that manages thousands of accounts across Canada, the United States, and Mexico. A public company traded on the NYSE, GFI specializes in financial management, loan application approval, wholesale loan processing, and investment of money management for their customers. The diagram below displays the executive management team of GFI: Figure 1 GFI Executive Organizational Chart BACKGROUND AND YOUR ROLE You are the Chief Security Officer, hired by COO Mike Willy, to protect the physical and operational security of GFI’s corporate information systems. Shortly after starting in your new position, you recognize numerous challenges that you will be facing in this pursuit. Your primary challenge, as is usually the case, is less technical and more of a political nature. CEO John Thompson has been swept up in the “everything can be solved by outsourcing” movement. He believes that the IT problem is a known quantity and feels the IT function can be almost entirely outsourced at fractions of the cost associated with creating and maintaining an established internal IT department. In fact, the CEO’s strategy has been to prevent IT from becoming a core competency since so many services can be obtained from 3rd parties. Based on this vision, the CEO has already begun downsizing the IT department and recently presented a proposal to his senior management team outlining his plan to greatly reduce the internal IT staff in favor of outsourcing. He plans on presenting this approach to the Board of Directors as soon as he has made a few more refinements in his presentation. COO Willy’s act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology services combined with a diminishing IT footprint gravely concerned Mike Willy, and he begged to at least bring in an Information Security expert with the experience necessary to evaluate the current security of GFI’s infrastructure and systems. The COO’s worst nightmare is.

Education
1 of 21
07057 Topic: Risk Assessment (Global Finance, INC (GFI) Number of Pages: 6 (Double Spaced) Number of sources: 5 Writing Style: APA Type of document: Other (Not listed) Academic Level:Undergraduate Category: IT Management Language Style: English (U.S.) Order Instructions: ATTACHED This is a Risk assessment paper in which all complete instruction are uploaded. Please follow all instructions. As far as the 15 page minimum, I understand that I requested only a 6 page paper. The other 8 pages will be written by me. Please ensure you utilize the grading rubric to summarize all key points. All information that is written will be derived from the uploaded document. Use the Assignment section to cover all key points that needs to be addressed. For your conclusion please provide an executive summary conclusion. The quantitative and qualitative risk factor is crucial in this paper.
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a financial company that manages thousands of accounts across Canada, the United States, and Mexico. A public company traded on the NYSE, GFI specializes in financial management, loan application approval, wholesale loan processing, and investment of money management for their customers. The diagram below displays the executive management team of GFI: Figure 1 GFI Executive Organizational Chart BACKGROUND AND YOUR ROLE You are the Chief Security Officer, hired by COO Mike Willy, to protect the physical and operational security of GFI’s corporate information systems. Shortly after starting in your new position, you recognize numerous challenges that you will be facing in this pursuit. Your primary challenge, as is usually the case, is less technical and more of a political nature. CEO John Thompson has been swept up in the “everything can be solved by outsourcing” movement. He believes that the IT problem is a known quantity and feels the IT function can be almost entirely outsourced at fractions of the cost associated with creating and maintaining an established internal IT department. In fact, the CEO’s strategy has been to prevent IT from becoming a core
competency since so many services can be obtained from 3rd parties. Based on this vision, the CEO has already begun downsizing the IT department and recently presented a proposal to his senior management team outlining his plan to greatly reduce the internal IT staff in favor of outsourcing. He plans on presenting this approach to the Board of Directors as soon as he has made a few more refinements in his presentation. COO Willy’s act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology services combined with a diminishing IT footprint gravely concerned Mike Willy, and he begged to at least bring in an Information Security expert with the experience necessary to evaluate the current security of GFI’s infrastructure and systems. The COO’s worst nightmare is a situation where the Confidentiality, Integrity, and Availability of GFI’s information systems were compromised – bringing the company to its knees – then having to rely on vendors to pull him out of the mess. COO Willy has reasons for worrying. GFI has experienced several cyber-attacks from outsiders over the past a few years: • In 2013, the Oracle database server was attacked and its customer database lost its confidentiality, integrity, and availability for several days. Although the company restored the Oracle database server back online, its lost confidentiality damaged the company reputation. GFI ended up paying its customers a large sum of settlement for their loss of data confidentiality.
• In 2014, another security attack was carried out by a malicious virus that infected the entire CEO John Thompson Vice President Trey Elway Executive Assistant Kim Johnson Executive Assistant Julie Anderson Executive Assistant Michelle Wang CCO Andy Murphy COO Mike Willy CFO Ron Johnson Director of Marketing John King
Director of HR Ted Young network for several days. While infected the Oracle and e-mail servers had to be shut down to quarantine these servers. COO Willy isn’t sure whether the virus entered GFI’s systems through a malicious email, from malware downloaded from the Internet, or via a user’s USB flash drive. Regardless of the source of the infection, the company lost $1,700,000 in revenue and intangible customer confidence. • In a separate incident in 2014, one of the financial consultants left his company laptop unprotected at the airport while travelling and it was stolen. It contained customer financial data and the hard drive was not encrypted. Financial reparations were paid to impacted customers. • In 2015, a laptop running network sniffer software was found plugged into a network jack under a desk in one of the unoccupied offices. It is apparent from the number of successful cyber-attacks that GFI is an organization severely lacking in information security maturity. COO Willy has commissioned you to perform a quantitative and qualitative risk assessment of GFI’s infrastructure to determine where improvements could be made to reduce the risk of future attacks.
CORPORATE OFFICE NETWORK TOPOLOGY The diagram on the following page displays GFI’s Corporate Office Topology. The GFI network infrastructure consists of a corporate WAN spanning 10 remote facilities that are interconnected to the GFI headquarters’ central data processing environment. Data is transmitted from a remote site through a VPN gateway appliance that forms a VPN tunnel with the VPN gateway in headquarters. Through this VPN connection, remote office users access the internal Oracle database to update the customer data tables. Through your inspection of the VPN configuration you discover that the data transaction traversing the remote access connection to the corporate internal databases is not encrypted. Users are authorized to work from home and both dial-up and VPN remote access are available. Dial-up is provided via Private Branch Exchange (PBX) and a Remote Access Server and VPN remote access is provided via the VPN gateway. Authentication is password- based via MS-CHAP V2. Users are also able to take advantage of GFI’s Bring Your Own Device (BYOD) policy and a Wireless antenna allows wireless networking within headquarters. WEP is used to provide wireless security to BYOD users. The network perimeter between the Internet and GFI’s internal network infrastructure is separated by two Border (Core) Routers. These Border Routers then connect to
two Distribution Routers and the VPN Gateway. The Distribution Routers connect to a RAS Server, a Wireless Router that provides a bridge between the Wireless Antenna and the internal network, and two Multi-layer switches. The Multilayer switches connect to six (6) Access Layer VLAN switches that segregate the Accounting, Loan Dept, Customer Services, Mgmt, Credit Dept, and Finance VLANs. The Multi-layer switches also connect to a third Multi-layer switch that provides a connection to GFI’s servers in the Trusted Computing Base subnet. The trusted computing based (TCB) internal network is situated in a physically separated subnet. A bulk of the data processing for GFI is handled by an Oracle database on a high end super computer located in the TCB and the TCB also contains an intranet web server used by the internal support team, a Software Update Services (SUS) server used for patch management, an internal DNS server, an e-mail server, and other support personnel workstations. Although each corporate department is segregated physically on a different subnet, they share access to the corporate data in the TCB network. NOTE: The symbol represents a multilayer switch CONSIDERATIONS WHEN CONDUCTING THE RISK ASSESSMENT:
This Risk Assessment and your suggested security improvements are of critical importance. CEO Thompson is set on outsourcing GFI’s IT competency and you’ve been told of a plan from COO Willy to outsource network management and security functions away from your department and over to a service integrator. COO Willy warns you that the political environment will only become more contentious over time; you must make a compelling case as to what value your department can bring over an integrator to provide security improvements in certain key areas without a significant increase to the IT budget. It is extremely important that you take into account the value of the assets being protected when selecting security controls to mitigate the risks (i.e. don’t spend $1000 to protect an asset worth $500). In addition to what you learned from COO Mike Willy about the previous exploits of GFI’s vulnerabilities and what you gathered when reviewing GFI’s network infrastructure, the COO has provided some additional information that he wants you to take into account: 1. Ever since an article ran in Fortune about GFI, the network engineers report that they’ve noted a significant spike in network traffic crossing into the internal networks. They report that they cannot be certain what or who is generating this traffic, but the volume and frequency of traffic is certainly abnormal. The management is very concerned over securing the corporate confidential data and customer information. Suggestions on improvements to perimeter security and/or methods of identifying the source of intrusions should be presented in your risk assessment.
90 90 Wireless Antenn9a0 2. The interrelationship between data and operations concerns COO Mike Willy. Increasingly, some of the ten (10) remote sites have been reporting significant problems with network latency, slow performance, and application time-outs against the Oracle database. The company’s business model is driving higher and higher demand for data, but your capability to respond to these problems are drastically limited. Suggestions on reducing network latency or increasing application response time and availability should be presented in your risk assessment. 3. Mobility is important for the organization to interact with the customers and other co-workers in near real-time. However, the COO is concerned with mobility security and would like you to research best practices for mobile computing. Security within the BYOD environment should be presented in your risk assessment. 4. Employees enjoy the flexibility of getting access to the corporate network using a WiFi network. However, the COO is concerned over the security ramifications over the wireless network that is widely open to the company and nearby residents. Security
within the wireless environment should be presented in your risk assessment. 5. The company plans to offer its products and services online and requested its IT department to design a Cloud Computing based e-commerce platform. However, the COO is particularly concerned over the cloud computing security in case the customer database is breached. ASSIGNMENTS • From the devices and systems identified in the GFI Corporate Network Topology, conduct a thorough asset inventory, assign monetary values to each asset (quantitative), and assign a priority value for each asset (qualitative) that could be used to determine which assets are most critical for restoral in the event of a catastrophic event or attack. • Evaluate the perimeter security, make a list of access points internal and external (remote), identify vulnerabilities and make suggestions for improvements to perimeter and network security. • Evaluate the remote access infrastructure, identify vulnerabilities and suggest security improvements to mitigate risks to remote access. • Address the COO’s concern over the mobility security and design a secure mobile computing (smart phones, tablets, laptops, etc.) in terms of authentication technologies and data protection.
• Identify wireless vulnerabilities and recommend what safeguards, authentication technologies, and network security to protect data should be implemented. • Evaluate the authentication protocols and methodologies within the wired, wireless, mobility and remote access environments and suggest improvements to secure authentication for GFI. • Evaluate the web system protocols and vulnerabilities within the Intranet server and suggest secure protocol improvements to improve security for web authentication. • Design a cloud computing environment for the company with a secure means of data protection at rest, in motion and in process. • Assess all known vulnerabilities on each asset in this environment and impacts if compromised. • Using the asset inventory and the assigned values (monetary and priority) conduct a quantitative and qualitative risk assessment of the GFI network. • Recommend risk mitigation procedures commensurate with the asset values from your asset inventory. Feel free to redesign the corporate infrastructure and use any combination of technologies to harden the authentication processes and network security measures. • Provide an Executive Summary. • You are welcome to make assumptions for any unknown facts as long as you support your
assumptions. • The Title Page, Table of Contents and References page(s) don’t count in your 15 page minimum!!! Risk Assessment Paper Rubric You are given a fictional scenario above describing security issues affecting organizational assets. You will identify the risks associated with the assets, and recommend mitigating procedures. You will prepare a quantitative / qualitative risk assessment to address risk factors on organizational assets. Your final paper will be 15–25 pages long in a Word document (double-spaced with 12 point font) with APA citations for the resources you used in your research and will be graded using the following rubric. Criteria Non-compliant Minimal Compliant Advanced Inventory assets and prioritize them in the order of mission criticality. Did not inventory or prioritize assets in the order of mission criticality. (0)
Inventoried assets but did not prioritize them in the order of mission criticality. (3) Inventoried, prioritized assets, but did not address mission objectives in their asset priority. (6) Inventoried, prioritized assets and addressed mission objectives in their asset priority. (10) Evaluate enterprise topology and perimeter protection. Did not evaluate enterprise topology and perimeter protection. (0) Evaluated enterprise topology but did not include perimeter protection measures. (3) Evaluated enterprise topology, perimeter protection measures, but
did not address mission objectives. (6) Evaluated enterprise topology, perimeter protection measures, and addressed mission objectives. . (10) Evaluate remote access to the networks. Did not evaluate remote access protocols and safeguards to the network. (0) Evaluated remote access protocols but did not address security safeguards to the network. (3) Evaluated remote access protocols, security safeguards to the network, but did not address mission objectives. (6) Evaluated remote access protocols, security safeguards to the network, and addressed mission
objectives. (10) Evaluate authentication protocols and methodologies. Did not evaluate authentication protocols and methodologies. (0) Evaluated authentication protocols, methodologies but with insufficient data or inadequate description. (3) Evaluated authentication protocols, methodologies with supporting data and description, but lacks mission objectives. (6) Evaluated authentication protocols, methodologies with supporting data, description; and addressed mission objectives. (10) Assign asset values to organization assets for
quantitative / qualitative risk assessment. Did not assign asset values to organization assets for quantitative / qualitative risk assessment. (0) Assigned asset values to organization assets for quantitative / qualitative risk assessment but incomplete. (3) Assigned asset values to organization assets in a complete inventory, but did not address mission objectives. (6) Assigned asset values to organization assets in a complete inventory, and addressed mission objectives. (10) Assess vulnerabilities on each asset and impacts if compromised.
Did not assess vulnerabilities on each asset and impacts if compromised. (0) Assessed vulnerabilities on each asset and impacts if compromised; but incomplete. (3) Assessed vulnerabilities on each asset and impacts if compromised; of complete inventory but did not address mission objectives. (6) Assessed vulnerabilities on each asset and impacts if compromised; of complete inventory and addressed mission objectives. (10) Evaluate web access protocols and vulnerabilities and Cloud Computing Did not evaluate web access
protocols and vulnerabilities and Cloud Computing (0) Evaluated web access protocols and vulnerabilities or Cloud Computing. (3) Evaluated web access protocols and vulnerabilities and Cloud Computing but did not address mission objectives. (6) Evaluated web access protocols and vulnerabilities and Cloud Computing and addressed mission objectives. (10) Criteria Non-compliant Minimal Compliant Advanced Recommend risk mitigation procedures commensurate with asset values. Did not
recommended risk mitigation procedures commensurate with asset values. (0) Recommended risk mitigation procedures commensurate with asset values, but incomplete. (3) Recommended risk mitigation procedures commensurate with asset values of complete inventory, but did not address mission objectives. (6) Recommended risk mitigation procedures commensurate with asset values of complete inventory, and addressed mission objectives. (10) Formulate 15-25 pages of a quantitative or qualitative risk assessment in APA format. Did not follow proper quantitative
or qualitative risk assessment format, and failed to conform to APA format. (0) Followed proper quantitative or qualitative risk assessment format but did not conform to APA format. (3) Followed proper quantitative or qualitative risk assessment format and conformed to APA but insufficient reference list and page count. (6) Followed proper quantitative or qualitative risk assessment format and conformed to APA in a sufficient reference list and page count. (10) Executive summary of risk assessment. Did not include an executive summary. (0) Included an executive
summary but lacks details. (3) Included an executive summary in details, but did not address the mission objectives. (6) Included an executive summary in details, and addressed mission objectives. (10) Figure 1 GFI Executive Organizational ChartBACKGROUND AND YOUR ROLECORPORATE OFFICE NETWORK TOPOLOGYCONSIDERATIONS WHEN CONDUCTING THE RISK ASSESSMENT:ASSIGNMENTSRisk Assessment Paper Rubric

Recommended

07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docx
07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docx07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docx
07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docxsmithhedwards48727
 
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docx GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docxaryan532920
 
CMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERCMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERHamesKellor
 
Case Problem for Global Finance, Inc.
Case Problem for Global Finance, Inc.Case Problem for Global Finance, Inc.
Case Problem for Global Finance, Inc.David Bustin
 
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docxGLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docxbudbarber38650
 
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docx
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docxGLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docx
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docxbudbarber38650
 
HELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docx
HELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docxHELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docx
HELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docxpooleavelina
 
My Risk Assessment and Mitigation Strategy by David Bustin
My Risk Assessment and Mitigation Strategy by David BustinMy Risk Assessment and Mitigation Strategy by David Bustin
My Risk Assessment and Mitigation Strategy by David BustinDavid Bustin
 

Recommended

07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docx
07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docx07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docx
07029 Topic Final ProjectNumber of Pages 1 (Double Spaced).docxsmithhedwards48727
 
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docx GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI.docxaryan532920
 
CMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERCMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERHamesKellor
 
Case Problem for Global Finance, Inc.
Case Problem for Global Finance, Inc.Case Problem for Global Finance, Inc.
Case Problem for Global Finance, Inc.David Bustin
 
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docxGLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docx
GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a.docxbudbarber38650
 
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docx
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docxGLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docx
GLOBAL ASSET, INC. (GAI) Global Asset, Inc. (GAI) is a fin.docxbudbarber38650
 
HELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docx
HELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docxHELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docx
HELLMANN FINANCE, INC. Hellmann Finance, Inc. (HFI) i.docxpooleavelina
 
My Risk Assessment and Mitigation Strategy by David Bustin
My Risk Assessment and Mitigation Strategy by David BustinMy Risk Assessment and Mitigation Strategy by David Bustin
My Risk Assessment and Mitigation Strategy by David BustinDavid Bustin
 
ZS Infotech v1.0
ZS Infotech v1.0ZS Infotech v1.0
ZS Infotech v1.0Muhammad Zubair
 
Hybrid Cloud Boosts Productivity While Keeping Privacy Intact
Hybrid Cloud Boosts Productivity While Keeping Privacy IntactHybrid Cloud Boosts Productivity While Keeping Privacy Intact
Hybrid Cloud Boosts Productivity While Keeping Privacy Intactsolgenia
 
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docxNFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docxcurwenmichaela
 
The Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinThe Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinCloud Expo
 
Hybrid IT
Hybrid ITHybrid IT
Hybrid ITIsmail Muhammad
 
Vps server 3
Vps server 3Vps server 3
Vps server 3GeralynDeanda36
 
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docxPage 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docxalfred4lewis58146
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak PreventionTanvir Hashmi
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelBDPA Education and Technology Foundation
 
Rebooting IT Infrastructure for the Digital Age
Rebooting IT Infrastructure for the Digital AgeRebooting IT Infrastructure for the Digital Age
Rebooting IT Infrastructure for the Digital AgeCapgemini
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementJumpCloud
 
ScenarioIntegrated Distributors Incorporated (IDI), a public.docx
ScenarioIntegrated Distributors Incorporated (IDI), a public.docxScenarioIntegrated Distributors Incorporated (IDI), a public.docx
ScenarioIntegrated Distributors Incorporated (IDI), a public.docxtodd491
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Managementguest64c5c
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deckRichard (Dick) Kaufman
 
ISQS 4385 ASSIGNMENT - 6
ISQS 4385 ASSIGNMENT - 6ISQS 4385 ASSIGNMENT - 6
ISQS 4385 ASSIGNMENT - 6Michael Punzo
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams Arun Chinnaraju MBA, PMP, CSM, CSPO, SA
 
Chapter 2Data Governance and IT Architecture Support Long-Term
Chapter 2Data Governance and IT Architecture Support Long-TermChapter 2Data Governance and IT Architecture Support Long-Term
Chapter 2Data Governance and IT Architecture Support Long-TermEstelaJeffery653
 
Chapter 2Data Governance and IT Architecture Support Long-Term.docx
Chapter 2Data Governance and IT Architecture Support Long-Term.docxChapter 2Data Governance and IT Architecture Support Long-Term.docx
Chapter 2Data Governance and IT Architecture Support Long-Term.docxcravennichole326
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech applicationnimbleappgenie
 
Write a five page paper that analysis the HispanicLatino politics i.docx
Write a five page paper that analysis the HispanicLatino politics i.docxWrite a five page paper that analysis the HispanicLatino politics i.docx
Write a five page paper that analysis the HispanicLatino politics i.docxsmithhedwards48727
 
Write a five (5) paragraph (or longer) essay response . Write your e.docx
Write a five (5) paragraph (or longer) essay response . Write your e.docxWrite a five (5) paragraph (or longer) essay response . Write your e.docx
Write a five (5) paragraph (or longer) essay response . Write your e.docxsmithhedwards48727
 

More Related Content

Similar to 07057 Topic Risk Assessment (Global Finance, INC (GFI)Number o.docx

Hybrid Cloud Boosts Productivity While Keeping Privacy Intact
Hybrid Cloud Boosts Productivity While Keeping Privacy IntactHybrid Cloud Boosts Productivity While Keeping Privacy Intact
Hybrid Cloud Boosts Productivity While Keeping Privacy Intactsolgenia
 
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docxNFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docxcurwenmichaela
 
The Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinThe Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinCloud Expo
 
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docxPage 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docxalfred4lewis58146
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak PreventionTanvir Hashmi
 
Rebooting IT Infrastructure for the Digital Age
Rebooting IT Infrastructure for the Digital AgeRebooting IT Infrastructure for the Digital Age
Rebooting IT Infrastructure for the Digital AgeCapgemini
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementJumpCloud
 
ScenarioIntegrated Distributors Incorporated (IDI), a public.docx
ScenarioIntegrated Distributors Incorporated (IDI), a public.docxScenarioIntegrated Distributors Incorporated (IDI), a public.docx
ScenarioIntegrated Distributors Incorporated (IDI), a public.docxtodd491
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Managementguest64c5c
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deckRichard (Dick) Kaufman
 
ISQS 4385 ASSIGNMENT - 6
ISQS 4385 ASSIGNMENT - 6ISQS 4385 ASSIGNMENT - 6
ISQS 4385 ASSIGNMENT - 6Michael Punzo
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
 
Chapter 2Data Governance and IT Architecture Support Long-Term
Chapter 2Data Governance and IT Architecture Support Long-TermChapter 2Data Governance and IT Architecture Support Long-Term
Chapter 2Data Governance and IT Architecture Support Long-TermEstelaJeffery653
 
Chapter 2Data Governance and IT Architecture Support Long-Term.docx
Chapter 2Data Governance and IT Architecture Support Long-Term.docxChapter 2Data Governance and IT Architecture Support Long-Term.docx
Chapter 2Data Governance and IT Architecture Support Long-Term.docxcravennichole326
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech applicationnimbleappgenie
 

Similar to 07057 Topic Risk Assessment (Global Finance, INC (GFI)Number o.docx (20)

ZS Infotech v1.0
ZS Infotech v1.0ZS Infotech v1.0
ZS Infotech v1.0
 
Hybrid Cloud Boosts Productivity While Keeping Privacy Intact
Hybrid Cloud Boosts Productivity While Keeping Privacy IntactHybrid Cloud Boosts Productivity While Keeping Privacy Intact
Hybrid Cloud Boosts Productivity While Keeping Privacy Intact
 
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docxNFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
NFRASTRUCTURE MODERNIZATION REVIEW Analyz.docx
 
The Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny HeaberlinThe Secure Path to Value in the Cloud by Denny Heaberlin
The Secure Path to Value in the Cloud by Denny Heaberlin
 
Hybrid IT
Hybrid ITHybrid IT
Hybrid IT
 
Vps server 3
Vps server 3Vps server 3
Vps server 3
 
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docxPage 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
Page 1 of 4 Bullzeye Data Breach Readiness Assessment .docx
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak Prevention
 
Federal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive PanelFederal IT Initiatives - BDPA Conference Executive Panel
Federal IT Initiatives - BDPA Conference Executive Panel
 
Rebooting IT Infrastructure for the Digital Age
Rebooting IT Infrastructure for the Digital AgeRebooting IT Infrastructure for the Digital Age
Rebooting IT Infrastructure for the Digital Age
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity Management
 
ScenarioIntegrated Distributors Incorporated (IDI), a public.docx
ScenarioIntegrated Distributors Incorporated (IDI), a public.docxScenarioIntegrated Distributors Incorporated (IDI), a public.docx
ScenarioIntegrated Distributors Incorporated (IDI), a public.docx
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
 
ISQS 4385 ASSIGNMENT - 6
ISQS 4385 ASSIGNMENT - 6ISQS 4385 ASSIGNMENT - 6
ISQS 4385 ASSIGNMENT - 6
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams
 
Chapter 2Data Governance and IT Architecture Support Long-Term
Chapter 2Data Governance and IT Architecture Support Long-TermChapter 2Data Governance and IT Architecture Support Long-Term
Chapter 2Data Governance and IT Architecture Support Long-Term
 
Chapter 2Data Governance and IT Architecture Support Long-Term.docx
Chapter 2Data Governance and IT Architecture Support Long-Term.docxChapter 2Data Governance and IT Architecture Support Long-Term.docx
Chapter 2Data Governance and IT Architecture Support Long-Term.docx
 
How to build a highly secure fin tech application
How to build a highly secure fin tech applicationHow to build a highly secure fin tech application
How to build a highly secure fin tech application
 

More from smithhedwards48727

Write a five page paper that analysis the HispanicLatino politics i.docx
Write a five page paper that analysis the HispanicLatino politics i.docxWrite a five page paper that analysis the HispanicLatino politics i.docx
Write a five page paper that analysis the HispanicLatino politics i.docxsmithhedwards48727
 
Write a five (5) paragraph (or longer) essay response . Write your e.docx
Write a five (5) paragraph (or longer) essay response . Write your e.docxWrite a five (5) paragraph (or longer) essay response . Write your e.docx
Write a five (5) paragraph (or longer) essay response . Write your e.docxsmithhedwards48727
 
Write a few words about Email threats briefly and & An.docx
Write a few words about Email threats briefly and & An.docxWrite a few words about Email threats briefly and & An.docx
Write a few words about Email threats briefly and & An.docxsmithhedwards48727
 
Write a essay about Gender stereotype in adaptation of fairy t.docx
Write a essay about Gender stereotype in adaptation of fairy t.docxWrite a essay about Gender stereotype in adaptation of fairy t.docx
Write a essay about Gender stereotype in adaptation of fairy t.docxsmithhedwards48727
 
write a draft of your research paper. in your draft copy, develop th.docx
write a draft of your research paper. in your draft copy, develop th.docxwrite a draft of your research paper. in your draft copy, develop th.docx
write a draft of your research paper. in your draft copy, develop th.docxsmithhedwards48727
 
Write a draft of your Research Paper.In your draft c.docx
Write a draft of your Research Paper.In your draft c.docxWrite a draft of your Research Paper.In your draft c.docx
Write a draft of your Research Paper.In your draft c.docxsmithhedwards48727
 
Write a detailed, analytical paragraph on the short story, incorpora.docx
Write a detailed, analytical paragraph on the short story, incorpora.docxWrite a detailed, analytical paragraph on the short story, incorpora.docx
Write a detailed, analytical paragraph on the short story, incorpora.docxsmithhedwards48727
 
Write a dialogue involving at least 10 - 15 interchanges about the e.docx
Write a dialogue involving at least 10 - 15 interchanges about the e.docxWrite a dialogue involving at least 10 - 15 interchanges about the e.docx
Write a dialogue involving at least 10 - 15 interchanges about the e.docxsmithhedwards48727
 
Write a detailed report on one of the following topics1- Differ.docx
Write a detailed report on one of the following topics1- Differ.docxWrite a detailed report on one of the following topics1- Differ.docx
Write a detailed report on one of the following topics1- Differ.docxsmithhedwards48727
 
Write a detailed report about a residential burglary. You are the of.docx
Write a detailed report about a residential burglary. You are the of.docxWrite a detailed report about a residential burglary. You are the of.docx
Write a detailed report about a residential burglary. You are the of.docxsmithhedwards48727
 
Write a detailed report about a armed robbery to a convenience store.docx
Write a detailed report about a armed robbery to a convenience store.docxWrite a detailed report about a armed robbery to a convenience store.docx
Write a detailed report about a armed robbery to a convenience store.docxsmithhedwards48727
 
Write a detailed report on International Association of classifi.docx
Write a detailed report on International Association of classifi.docxWrite a detailed report on International Association of classifi.docx
Write a detailed report on International Association of classifi.docxsmithhedwards48727
 
Write a detailed report (15 pages excluding references and intro pag.docx
Write a detailed report (15 pages excluding references and intro pag.docxWrite a detailed report (15 pages excluding references and intro pag.docx
Write a detailed report (15 pages excluding references and intro pag.docxsmithhedwards48727
 
Write a detailed evaluation of CWU — why you decided to come here to.docx
Write a detailed evaluation of CWU — why you decided to come here to.docxWrite a detailed evaluation of CWU — why you decided to come here to.docx
Write a detailed evaluation of CWU — why you decided to come here to.docxsmithhedwards48727
 
Write a detail Psychiatric diagnosis and Treatment planregimen .docx
Write a detail Psychiatric diagnosis and Treatment planregimen .docxWrite a detail Psychiatric diagnosis and Treatment planregimen .docx
Write a detail Psychiatric diagnosis and Treatment planregimen .docxsmithhedwards48727
 
Write a description of a process of doing grocery shopping so that y.docx
Write a description of a process of doing grocery shopping so that y.docxWrite a description of a process of doing grocery shopping so that y.docx
Write a description of a process of doing grocery shopping so that y.docxsmithhedwards48727
 
Write a critical evaluation of your learning outcome. In your re.docx
Write a critical evaluation of your learning outcome. In your re.docxWrite a critical evaluation of your learning outcome. In your re.docx
Write a critical evaluation of your learning outcome. In your re.docxsmithhedwards48727
 
write a description of Federich Woehler, Martin Kamen, Cornelis Bern.docx
write a description of Federich Woehler, Martin Kamen, Cornelis Bern.docxwrite a description of Federich Woehler, Martin Kamen, Cornelis Bern.docx
write a description of Federich Woehler, Martin Kamen, Cornelis Bern.docxsmithhedwards48727
 
Write a cover letter explaining what makes you qualified to take c.docx
Write a cover letter explaining what makes you qualified to take c.docxWrite a cover letter explaining what makes you qualified to take c.docx
Write a cover letter explaining what makes you qualified to take c.docxsmithhedwards48727
 
Write a critical essay on one of the following topics related to.docx
Write a critical essay on one of the following topics related to.docxWrite a critical essay on one of the following topics related to.docx
Write a critical essay on one of the following topics related to.docxsmithhedwards48727
 

More from smithhedwards48727 (20)

Write a five page paper that analysis the HispanicLatino politics i.docx
Write a five page paper that analysis the HispanicLatino politics i.docxWrite a five page paper that analysis the HispanicLatino politics i.docx
Write a five page paper that analysis the HispanicLatino politics i.docx
 
Write a five (5) paragraph (or longer) essay response . Write your e.docx
Write a five (5) paragraph (or longer) essay response . Write your e.docxWrite a five (5) paragraph (or longer) essay response . Write your e.docx
Write a five (5) paragraph (or longer) essay response . Write your e.docx
 
Write a few words about Email threats briefly and & An.docx
Write a few words about Email threats briefly and & An.docxWrite a few words about Email threats briefly and & An.docx
Write a few words about Email threats briefly and & An.docx
 
Write a essay about Gender stereotype in adaptation of fairy t.docx
Write a essay about Gender stereotype in adaptation of fairy t.docxWrite a essay about Gender stereotype in adaptation of fairy t.docx
Write a essay about Gender stereotype in adaptation of fairy t.docx
 
write a draft of your research paper. in your draft copy, develop th.docx
write a draft of your research paper. in your draft copy, develop th.docxwrite a draft of your research paper. in your draft copy, develop th.docx
write a draft of your research paper. in your draft copy, develop th.docx
 
Write a draft of your Research Paper.In your draft c.docx
Write a draft of your Research Paper.In your draft c.docxWrite a draft of your Research Paper.In your draft c.docx
Write a draft of your Research Paper.In your draft c.docx
 
Write a detailed, analytical paragraph on the short story, incorpora.docx
Write a detailed, analytical paragraph on the short story, incorpora.docxWrite a detailed, analytical paragraph on the short story, incorpora.docx
Write a detailed, analytical paragraph on the short story, incorpora.docx
 
Write a dialogue involving at least 10 - 15 interchanges about the e.docx
Write a dialogue involving at least 10 - 15 interchanges about the e.docxWrite a dialogue involving at least 10 - 15 interchanges about the e.docx
Write a dialogue involving at least 10 - 15 interchanges about the e.docx
 
Write a detailed report on one of the following topics1- Differ.docx
Write a detailed report on one of the following topics1- Differ.docxWrite a detailed report on one of the following topics1- Differ.docx
Write a detailed report on one of the following topics1- Differ.docx
 
Write a detailed report about a residential burglary. You are the of.docx
Write a detailed report about a residential burglary. You are the of.docxWrite a detailed report about a residential burglary. You are the of.docx
Write a detailed report about a residential burglary. You are the of.docx
 
Write a detailed report about a armed robbery to a convenience store.docx
Write a detailed report about a armed robbery to a convenience store.docxWrite a detailed report about a armed robbery to a convenience store.docx
Write a detailed report about a armed robbery to a convenience store.docx
 
Write a detailed report on International Association of classifi.docx
Write a detailed report on International Association of classifi.docxWrite a detailed report on International Association of classifi.docx
Write a detailed report on International Association of classifi.docx
 
Write a detailed report (15 pages excluding references and intro pag.docx
Write a detailed report (15 pages excluding references and intro pag.docxWrite a detailed report (15 pages excluding references and intro pag.docx
Write a detailed report (15 pages excluding references and intro pag.docx
 
Write a detailed evaluation of CWU — why you decided to come here to.docx
Write a detailed evaluation of CWU — why you decided to come here to.docxWrite a detailed evaluation of CWU — why you decided to come here to.docx
Write a detailed evaluation of CWU — why you decided to come here to.docx
 
Write a detail Psychiatric diagnosis and Treatment planregimen .docx
Write a detail Psychiatric diagnosis and Treatment planregimen .docxWrite a detail Psychiatric diagnosis and Treatment planregimen .docx
Write a detail Psychiatric diagnosis and Treatment planregimen .docx
 
Write a description of a process of doing grocery shopping so that y.docx
Write a description of a process of doing grocery shopping so that y.docxWrite a description of a process of doing grocery shopping so that y.docx
Write a description of a process of doing grocery shopping so that y.docx
 
Write a critical evaluation of your learning outcome. In your re.docx
Write a critical evaluation of your learning outcome. In your re.docxWrite a critical evaluation of your learning outcome. In your re.docx
Write a critical evaluation of your learning outcome. In your re.docx
 
write a description of Federich Woehler, Martin Kamen, Cornelis Bern.docx
write a description of Federich Woehler, Martin Kamen, Cornelis Bern.docxwrite a description of Federich Woehler, Martin Kamen, Cornelis Bern.docx
write a description of Federich Woehler, Martin Kamen, Cornelis Bern.docx
 
Write a cover letter explaining what makes you qualified to take c.docx
Write a cover letter explaining what makes you qualified to take c.docxWrite a cover letter explaining what makes you qualified to take c.docx
Write a cover letter explaining what makes you qualified to take c.docx
 
Write a critical essay on one of the following topics related to.docx
Write a critical essay on one of the following topics related to.docxWrite a critical essay on one of the following topics related to.docx
Write a critical essay on one of the following topics related to.docx
 

Recently uploaded

Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Pooja Bhuva
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxDr. Ravikiran H M Gowda
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibitjbellavia9
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsKarakKing
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...Amil baba
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 

Recently uploaded (20)

Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 

07057 Topic Risk Assessment (Global Finance, INC (GFI)Number o.docx

  • 1. 07057 Topic: Risk Assessment (Global Finance, INC (GFI) Number of Pages: 6 (Double Spaced) Number of sources: 5 Writing Style: APA Type of document: Other (Not listed) Academic Level:Undergraduate Category: IT Management Language Style: English (U.S.) Order Instructions: ATTACHED This is a Risk assessment paper in which all complete instruction are uploaded. Please follow all instructions. As far as the 15 page minimum, I understand that I requested only a 6 page paper. The other 8 pages will be written by me. Please ensure you utilize the grading rubric to summarize all key points. All information that is written will be derived from the uploaded document. Use the Assignment section to cover all key points that needs to be addressed. For your conclusion please provide an executive summary conclusion. The quantitative and qualitative risk factor is crucial in this paper.
  • 2. GLOBAL FINANCE, INC. (GFI) Global Finance, Inc. (GFI) is a financial company that manages thousands of accounts across Canada, the United States, and Mexico. A public company traded on the NYSE, GFI specializes in financial management, loan application approval, wholesale loan processing, and investment of money management for their customers. The diagram below displays the executive management team of GFI: Figure 1 GFI Executive Organizational Chart BACKGROUND AND YOUR ROLE You are the Chief Security Officer, hired by COO Mike Willy, to protect the physical and operational security of GFI’s corporate information systems. Shortly after starting in your new position, you recognize numerous challenges that you will be facing in this pursuit. Your primary challenge, as is usually the case, is less technical and more of a political nature. CEO John Thompson has been swept up in the “everything can be solved by outsourcing” movement. He believes that the IT problem is a known quantity and feels the IT function can be almost entirely outsourced at fractions of the cost associated with creating and maintaining an established internal IT department. In fact, the CEO’s strategy has been to prevent IT from becoming a core
  • 3. competency since so many services can be obtained from 3rd parties. Based on this vision, the CEO has already begun downsizing the IT department and recently presented a proposal to his senior management team outlining his plan to greatly reduce the internal IT staff in favor of outsourcing. He plans on presenting this approach to the Board of Directors as soon as he has made a few more refinements in his presentation. COO Willy’s act of hiring you was, in fact, an act of desperation: the increasing operational dependence on technology services combined with a diminishing IT footprint gravely concerned Mike Willy, and he begged to at least bring in an Information Security expert with the experience necessary to evaluate the current security of GFI’s infrastructure and systems. The COO’s worst nightmare is a situation where the Confidentiality, Integrity, and Availability of GFI’s information systems were compromised – bringing the company to its knees – then having to rely on vendors to pull him out of the mess. COO Willy has reasons for worrying. GFI has experienced several cyber-attacks from outsiders over the past a few years: • In 2013, the Oracle database server was attacked and its customer database lost its confidentiality, integrity, and availability for several days. Although the company restored the Oracle database server back online, its lost confidentiality damaged the company reputation. GFI ended up paying its customers a large sum of settlement for their loss of data confidentiality.
  • 4. • In 2014, another security attack was carried out by a malicious virus that infected the entire CEO John Thompson Vice President Trey Elway Executive Assistant Kim Johnson Executive Assistant Julie Anderson Executive Assistant Michelle Wang CCO Andy Murphy COO Mike Willy CFO Ron Johnson Director of Marketing John King
  • 5. Director of HR Ted Young network for several days. While infected the Oracle and e-mail servers had to be shut down to quarantine these servers. COO Willy isn’t sure whether the virus entered GFI’s systems through a malicious email, from malware downloaded from the Internet, or via a user’s USB flash drive. Regardless of the source of the infection, the company lost $1,700,000 in revenue and intangible customer confidence. • In a separate incident in 2014, one of the financial consultants left his company laptop unprotected at the airport while travelling and it was stolen. It contained customer financial data and the hard drive was not encrypted. Financial reparations were paid to impacted customers. • In 2015, a laptop running network sniffer software was found plugged into a network jack under a desk in one of the unoccupied offices. It is apparent from the number of successful cyber-attacks that GFI is an organization severely lacking in information security maturity. COO Willy has commissioned you to perform a quantitative and qualitative risk assessment of GFI’s infrastructure to determine where improvements could be made to reduce the risk of future attacks.
  • 6. CORPORATE OFFICE NETWORK TOPOLOGY The diagram on the following page displays GFI’s Corporate Office Topology. The GFI network infrastructure consists of a corporate WAN spanning 10 remote facilities that are interconnected to the GFI headquarters’ central data processing environment. Data is transmitted from a remote site through a VPN gateway appliance that forms a VPN tunnel with the VPN gateway in headquarters. Through this VPN connection, remote office users access the internal Oracle database to update the customer data tables. Through your inspection of the VPN configuration you discover that the data transaction traversing the remote access connection to the corporate internal databases is not encrypted. Users are authorized to work from home and both dial-up and VPN remote access are available. Dial-up is provided via Private Branch Exchange (PBX) and a Remote Access Server and VPN remote access is provided via the VPN gateway. Authentication is password- based via MS-CHAP V2. Users are also able to take advantage of GFI’s Bring Your Own Device (BYOD) policy and a Wireless antenna allows wireless networking within headquarters. WEP is used to provide wireless security to BYOD users. The network perimeter between the Internet and GFI’s internal network infrastructure is separated by two Border (Core) Routers. These Border Routers then connect to
  • 7. two Distribution Routers and the VPN Gateway. The Distribution Routers connect to a RAS Server, a Wireless Router that provides a bridge between the Wireless Antenna and the internal network, and two Multi-layer switches. The Multilayer switches connect to six (6) Access Layer VLAN switches that segregate the Accounting, Loan Dept, Customer Services, Mgmt, Credit Dept, and Finance VLANs. The Multi-layer switches also connect to a third Multi-layer switch that provides a connection to GFI’s servers in the Trusted Computing Base subnet. The trusted computing based (TCB) internal network is situated in a physically separated subnet. A bulk of the data processing for GFI is handled by an Oracle database on a high end super computer located in the TCB and the TCB also contains an intranet web server used by the internal support team, a Software Update Services (SUS) server used for patch management, an internal DNS server, an e-mail server, and other support personnel workstations. Although each corporate department is segregated physically on a different subnet, they share access to the corporate data in the TCB network. NOTE: The symbol represents a multilayer switch CONSIDERATIONS WHEN CONDUCTING THE RISK ASSESSMENT:
  • 8. This Risk Assessment and your suggested security improvements are of critical importance. CEO Thompson is set on outsourcing GFI’s IT competency and you’ve been told of a plan from COO Willy to outsource network management and security functions away from your department and over to a service integrator. COO Willy warns you that the political environment will only become more contentious over time; you must make a compelling case as to what value your department can bring over an integrator to provide security improvements in certain key areas without a significant increase to the IT budget. It is extremely important that you take into account the value of the assets being protected when selecting security controls to mitigate the risks (i.e. don’t spend $1000 to protect an asset worth $500). In addition to what you learned from COO Mike Willy about the previous exploits of GFI’s vulnerabilities and what you gathered when reviewing GFI’s network infrastructure, the COO has provided some additional information that he wants you to take into account: 1. Ever since an article ran in Fortune about GFI, the network engineers report that they’ve noted a significant spike in network traffic crossing into the internal networks. They report that they cannot be certain what or who is generating this traffic, but the volume and frequency of traffic is certainly abnormal. The management is very concerned over securing the corporate confidential data and customer information. Suggestions on improvements to perimeter security and/or methods of identifying the source of intrusions should be presented in your risk assessment.
  • 9. 90 90 Wireless Antenn9a0 2. The interrelationship between data and operations concerns COO Mike Willy. Increasingly, some of the ten (10) remote sites have been reporting significant problems with network latency, slow performance, and application time-outs against the Oracle database. The company’s business model is driving higher and higher demand for data, but your capability to respond to these problems are drastically limited. Suggestions on reducing network latency or increasing application response time and availability should be presented in your risk assessment. 3. Mobility is important for the organization to interact with the customers and other co-workers in near real-time. However, the COO is concerned with mobility security and would like you to research best practices for mobile computing. Security within the BYOD environment should be presented in your risk assessment. 4. Employees enjoy the flexibility of getting access to the corporate network using a WiFi network. However, the COO is concerned over the security ramifications over the wireless network that is widely open to the company and nearby residents. Security
  • 10. within the wireless environment should be presented in your risk assessment. 5. The company plans to offer its products and services online and requested its IT department to design a Cloud Computing based e-commerce platform. However, the COO is particularly concerned over the cloud computing security in case the customer database is breached. ASSIGNMENTS • From the devices and systems identified in the GFI Corporate Network Topology, conduct a thorough asset inventory, assign monetary values to each asset (quantitative), and assign a priority value for each asset (qualitative) that could be used to determine which assets are most critical for restoral in the event of a catastrophic event or attack. • Evaluate the perimeter security, make a list of access points internal and external (remote), identify vulnerabilities and make suggestions for improvements to perimeter and network security. • Evaluate the remote access infrastructure, identify vulnerabilities and suggest security improvements to mitigate risks to remote access. • Address the COO’s concern over the mobility security and design a secure mobile computing (smart phones, tablets, laptops, etc.) in terms of authentication technologies and data protection.
  • 11. • Identify wireless vulnerabilities and recommend what safeguards, authentication technologies, and network security to protect data should be implemented. • Evaluate the authentication protocols and methodologies within the wired, wireless, mobility and remote access environments and suggest improvements to secure authentication for GFI. • Evaluate the web system protocols and vulnerabilities within the Intranet server and suggest secure protocol improvements to improve security for web authentication. • Design a cloud computing environment for the company with a secure means of data protection at rest, in motion and in process. • Assess all known vulnerabilities on each asset in this environment and impacts if compromised. • Using the asset inventory and the assigned values (monetary and priority) conduct a quantitative and qualitative risk assessment of the GFI network. • Recommend risk mitigation procedures commensurate with the asset values from your asset inventory. Feel free to redesign the corporate infrastructure and use any combination of technologies to harden the authentication processes and network security measures. • Provide an Executive Summary. • You are welcome to make assumptions for any unknown facts as long as you support your
  • 12. assumptions. • The Title Page, Table of Contents and References page(s) don’t count in your 15 page minimum!!! Risk Assessment Paper Rubric You are given a fictional scenario above describing security issues affecting organizational assets. You will identify the risks associated with the assets, and recommend mitigating procedures. You will prepare a quantitative / qualitative risk assessment to address risk factors on organizational assets. Your final paper will be 15–25 pages long in a Word document (double-spaced with 12 point font) with APA citations for the resources you used in your research and will be graded using the following rubric. Criteria Non-compliant Minimal Compliant Advanced Inventory assets and prioritize them in the order of mission criticality. Did not inventory or prioritize assets in the order of mission criticality. (0)
  • 13. Inventoried assets but did not prioritize them in the order of mission criticality. (3) Inventoried, prioritized assets, but did not address mission objectives in their asset priority. (6) Inventoried, prioritized assets and addressed mission objectives in their asset priority. (10) Evaluate enterprise topology and perimeter protection. Did not evaluate enterprise topology and perimeter protection. (0) Evaluated enterprise topology but did not include perimeter protection measures. (3) Evaluated enterprise topology, perimeter protection measures, but
  • 14. did not address mission objectives. (6) Evaluated enterprise topology, perimeter protection measures, and addressed mission objectives. . (10) Evaluate remote access to the networks. Did not evaluate remote access protocols and safeguards to the network. (0) Evaluated remote access protocols but did not address security safeguards to the network. (3) Evaluated remote access protocols, security safeguards to the network, but did not address mission objectives. (6) Evaluated remote access protocols, security safeguards to the network, and addressed mission
  • 15. objectives. (10) Evaluate authentication protocols and methodologies. Did not evaluate authentication protocols and methodologies. (0) Evaluated authentication protocols, methodologies but with insufficient data or inadequate description. (3) Evaluated authentication protocols, methodologies with supporting data and description, but lacks mission objectives. (6) Evaluated authentication protocols, methodologies with supporting data, description; and addressed mission objectives. (10) Assign asset values to organization assets for
  • 16. quantitative / qualitative risk assessment. Did not assign asset values to organization assets for quantitative / qualitative risk assessment. (0) Assigned asset values to organization assets for quantitative / qualitative risk assessment but incomplete. (3) Assigned asset values to organization assets in a complete inventory, but did not address mission objectives. (6) Assigned asset values to organization assets in a complete inventory, and addressed mission objectives. (10) Assess vulnerabilities on each asset and impacts if compromised.
  • 17. Did not assess vulnerabilities on each asset and impacts if compromised. (0) Assessed vulnerabilities on each asset and impacts if compromised; but incomplete. (3) Assessed vulnerabilities on each asset and impacts if compromised; of complete inventory but did not address mission objectives. (6) Assessed vulnerabilities on each asset and impacts if compromised; of complete inventory and addressed mission objectives. (10) Evaluate web access protocols and vulnerabilities and Cloud Computing Did not evaluate web access
  • 18. protocols and vulnerabilities and Cloud Computing (0) Evaluated web access protocols and vulnerabilities or Cloud Computing. (3) Evaluated web access protocols and vulnerabilities and Cloud Computing but did not address mission objectives. (6) Evaluated web access protocols and vulnerabilities and Cloud Computing and addressed mission objectives. (10) Criteria Non-compliant Minimal Compliant Advanced Recommend risk mitigation procedures commensurate with asset values. Did not
  • 19. recommended risk mitigation procedures commensurate with asset values. (0) Recommended risk mitigation procedures commensurate with asset values, but incomplete. (3) Recommended risk mitigation procedures commensurate with asset values of complete inventory, but did not address mission objectives. (6) Recommended risk mitigation procedures commensurate with asset values of complete inventory, and addressed mission objectives. (10) Formulate 15-25 pages of a quantitative or qualitative risk assessment in APA format. Did not follow proper quantitative
  • 20. or qualitative risk assessment format, and failed to conform to APA format. (0) Followed proper quantitative or qualitative risk assessment format but did not conform to APA format. (3) Followed proper quantitative or qualitative risk assessment format and conformed to APA but insufficient reference list and page count. (6) Followed proper quantitative or qualitative risk assessment format and conformed to APA in a sufficient reference list and page count. (10) Executive summary of risk assessment. Did not include an executive summary. (0) Included an executive
  • 21. summary but lacks details. (3) Included an executive summary in details, but did not address the mission objectives. (6) Included an executive summary in details, and addressed mission objectives. (10) Figure 1 GFI Executive Organizational ChartBACKGROUND AND YOUR ROLECORPORATE OFFICE NETWORK TOPOLOGYCONSIDERATIONS WHEN CONDUCTING THE RISK ASSESSMENT:ASSIGNMENTSRisk Assessment Paper Rubric