How we can monitor risk transformation progress and performance.

This week’s chapter readings focused on four mini-case studies, each presenting unique challenges that are highly relevant in the context of ERM. Provide a brief summary of each of the four case studies by discussing, for each case, the challenge presented and some strengths and weaknesses in the risk management approaches. Conclude your discussion, based on the case study from chapter 29 “Transforming Risk Management at Akawini Copper”, by providing your thoughts on risk management transformations, specifically discussing how we can monitor risk transformation progress and performance.

Discuss the use of cloud services for business continuity and disaster recovery.

 
The CEO of your company is concerned that a natural disaster could make your company’s information systems unavailable long enough to significantly impact business. Currently, critical systems like file servers, e-mail services, and applications, such as HR, Payroll, Billing, and Customer Relationship Management (CRM), are hosted in a local datacenter. Your job is to educate the board on the benefits and risks associated with using cloud services for business continuity and disaster recovery in order to aid their decision on whether to move to a cloud-based service or continue working from a local datacenter.
Prepare a 4- to 5-page Microsoft® Word document discussing the use of cloud services for business continuity and disaster recovery.  Include the following:

Cloud Services for Business Continuity and Disaster Recovery:

Define business continuity and disaster recovery in the context of cloud services
Show the importance of business continuity and disaster recovery to the function of the business

Risk Assessment:

Identify which risks can be transferred to the cloud provider based on the functions of the business
Explain new risks associated with using cloud services based on the functions of the business

Cost/Benefit Analysis:

Show the costs associated with a cloud-based solution for the business
Outline the benefits associated with a cloud-based solution for the business

Conclusion:

Relate the risk assessment and cost/benefit analysis to the business continuity and disaster recovery needs of the business

Identify the fundamentals of public key infrastructure (PKI).

 
Imagine you are an Information Systems Security Officer for a medium-sized financial services firm that has operations in four (4) states (Virginia, Florida, Arizona, and California). Due to the highly sensitive data created, stored, and transported by your organization, the CIO is concerned with implementing proper security controls for the LAN-to-WAN domain. Specifically, the CIO is concerned with the following areas:

Protecting data privacy across the WAN
Filtering undesirable network traffic from the Internet
Filtering the traffic to the Internet that does not adhere to the organizational acceptable use policy (AUP) for the Web
Having a zone that allows access for anonymous users but aggressively controls information exchange with internal resources
Having an area designed to trap attackers in order to monitor attacker activities
Allowing a means to monitor network traffic in real time as a means to identify and block unusual activity
Hiding internal IP addresses
Allowing operating system and application patch management

The CIO has tasked you with proposing a series of hardware and software controls designed to provide security for the LAN-to-WAN domain. The CIO anticipates receiving both a written report and diagram(s) to support your recommendations.
Write a three to five page paper in which you:

Use MS Visio or an open source equivalent to graphically depict a solution for the provided scenario that will:

filter undesirable network traffic from the Internet
filter Web traffic to the Internet that does not adhere to the organizational AUP for the Web
allow for a zone for anonymous users but aggressively control information exchange with internal resources
allow for an area designed to trap attackers in order to monitor attacker activities
offer a means to monitor network traffic in real time as a means to identify and block unusual activity
hide internal IP addresses

Identify the fundamentals of public key infrastructure (PKI).
Describe the manner in which your solution will protect the privacy of data transmitted across the WAN.
Analyze the requirements necessary to allow for proper operating system and application patch management and describe a solution that would be effective.
Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Note: The graphically depicted solution is not included in the required page length.
Your assignment must follow these formatting requirements:

This course requires use of Strayer Writing Standards (SWS). The format is different than other Strayer University courses. Please take a moment to review the SWS documentation for details.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
Include charts or diagrams created in Visio or an equivalent such as Dia or OpenOffice. The completed diagrams / charts must be imported into the Word document before the paper is submitted.

The specific course learning outcomes associated with this assignment are:

Analyze information security systems compliance requirements within the Workstation and LAN Domains.
Use technology and information resources to research issues in security strategy and policy formation.
Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.

Develop the best practices for implementing and managing an information security governance program within an organization.

 
Information security management and governance are not simply implemented tasks within organizations. An information security governance program must be thoroughly planned, include senior-level management involvement and guidance, be implemented throughout the organization, and be updated and maintained. The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) have created information security governance standards. Review the information security governance information provided by ISACA, located at http://www.isaca.org/Knowledge-Center/Research/Documents/Information-Security-Govenance-for-Board-of-Directors-and-Executive-Management_res_Eng_0510.pdf.
Write a paper in which you:

Define the information security governance and management tasks that senior management needs to address.
Describe the outcomes and the items that will be delivered to the organization through the information security program.
Develop a list of at least five best practices for implementing and managing an information security governance program within an organization.
Develop a checklist of items that need to be addressed by senior management, including priorities and needed resources.
Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your written paper must follow these formatting requirements:
This course requires use of new Student Writing Standards (SWS). The format is different than other Strayer University courses. Please take a moment to review the SWS documentation for details.
(Note: You’ll be prompted to enter your Blackboard login credentials to view these standards.)

Your paper should include a cover page.
Your paper should be of sufficient length to fully develop your own ideas that address the items called for in the instructions, and not be filled with “filler” information. Write clearly and concisely.
The paper should be double-spaced, 12-point font.

The specific course learning outcomes associated with this assignment are:

Examine the principles requiring governance of information within organizations.
Use technology and information resources to research legal issues in information security.
Write clearly and concisely about information security legal issues and topics using proper writing mechanics and technical style conventions.

Discuss how organizations have addressed the challenges that incident handlers face in identifying incidents when resources have been moved to a cloud environment.

What to do

Search “scholar.google.com” or your textbook. Discuss how organizations have addressed the challenges that incident handlers face in identifying incidents when resources have been moved to a cloud environment.

Instructions to follow

Turnitin Report 
min 300 words with 2 cited references
APA format
Zero plagiarism

Discuss the issues organizations face with regard to the protection of their customer information.

What to do

Search “scholar.google.com” or your textbook. Discuss the issues organizations face with regard to the protection of their customer information. How might an organization notify its users that all communications are being monitored and preserved? How will end users typically respond to such announcements?
 
Instructions to follow

Turnitin Report 
300 words with 2 cited references
APA format
Zero plagiarism

Identify ways that an organization can maintain its risk.

Assignment 4: Business Continuity Plan

The phrase “the show must go on” is perhaps more true in business than in performing arts. Organizations need to be prepared to run continuously regardless of environmental conditions.

For this assessment, imagine that you are the IT manager for the only print shop in a small town in Idaho. The shop is connected to the internet by satellite link. Orders are received via the internet as well as by walk-ins with portable storage drives or smart phones that can transfer files via Bluetooth network.

Write a four to five (4-5) page business continuity plan (BCP) in which you:

Identify the organization’s exposure to internal and external threats.
Identify ways that the organization can maintain its risk.
Describe the foreseen security risks.
Assess the importance of training the shop personnel on security risks.
Recommend at least two (2) strategies for continually improving the quality and effectiveness of the BCP.
Analyze the organizational risks inherent in the execution of the BCP plan.

Your assignment must follow these formatting requirements:

Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Cyber law and Social Networking.

1) Research paper: 4000-word research paper. APA format. APA citation. 6-8 peer-reviewed references. No plagiarism.
Topic: Cyber law and Social Networking
Apart from your own research, please make sure the paper also covers these points: evaluate the amount of information users disclose and study their usage of the site’s privacy settings, potential attacks on various aspects of their privacy, and show that only a minimal percentage of users changes the highly permeable privacy preferences.

2) Research paper summary: 500-word research paper. APA format. APA citation. No plagiarism. 2-3 peer-reviewed references.
Topic: Cyber law and Social Networking
500-word summary of the results of your research paper.

3) Research paper summary: 500-word research paper. APA format. APA citation. No plagiarism. 2-3 peer-reviewed references.
Please assume you are a reporter writing ten years hence. Please discuss the technological changes that have been made since 2017 and how those changes have affected humanity, and how those changes have affected themselves.

Identify major risks that would result from General Motors (GM) converting an existing line to an all-electric line.

Chapters 30, 31, and 34 presented three mini-case studies on ERM and risk. Each one presented a slightly different risk scenario. Suppose General Motors wants to replace one of its traditional lines of vehicles with all-electric models. How could GM use game theory to identify and assess the major risks to this decision? Identify two major risks that would result from GM converting an existing line to an all-electric line. Provide a brief discussion of each risk, and your assessment of the levels of inherent, current, and residual risk, using GM’s five-point scale.
 
To complete this assignment, you must do the following:
Instructions:
A) Post an answer to the Discussion Question (300-word minimum) by creating a thread. 
