Table of Contents
1. Executive Summary
4. Risk Assessment
4.1. Organizational Assets
4.2. Assessment of Organizational Risk
4.3. Current Organizational Security Posture
4.4. Problems at GDI
4.5. Recommended Mitigation Strategy
1. Executive Summary
At this time, the measures available to ensure information security include organizational controls such as limiting access to data, firewalls, antivirus systems, encryption, and application controls. When the security of the business fails and the private information of individuals is compromised, the company faces many legal actions that can ruin the success of the organization. One way companies use information security that I find to be very helpful is encrypting (Rainer & Turban, 2009). Encrypting ensures that information is protected, which is very important to me. Even if a cybercriminal is able to enter a business’s network and collect information, the information will be encrypted and difficult for a hacker to use to his or her advantage. In this day and age, I also think that antivirus systems are essential. The threat of viruses is everywhere, and with more than one person working for a business, the network is under a huge threat from viruses, which would leave the company susceptible to hackers and the unethical act of not protecting personal information.
The Information Security Risk Assessment will provide Global Distribution, Inc. (GDI) with the necessary guidance for understanding current vulnerabilities within its information security. As information technology continues t...
... middle of paper ...
.... In addition, data transmission must involve encryption and decryption, with all transmissions being tracked. Through this mitigation strategy, the company can reduce costs and use the internal IT department to ensure that all information is being protected under methods that are superior and based on the company's needs and not a third party's simple options for stating security.
- Introduction Risk assessments address the potential adverse impacts to organizational operations and assets, individuals, other organizations, and the economic and national security interests of the United States, arising from the operation and use of information systems and the information processed, stored, and transmitted by those systems (NIST, 2012). Risk Assessment is an important tool for Information Technology (IT) managers to use for evaluating the security of the IT systems they manage, and in determining the potential for loss or harm to organizational operations, mission, and stakeholders.... [tags: Security, Risk, Computer security]
984 words (2.8 pages)
Risk Assessment Report On The Asset Under The Company's Information Asset Or Data Classification Policy
- During the system characterization step, the system under review is comprehensively understood and the underlying technology base for the risk assessment is identified. This step will define the organization’s systems and identify the system boundaries, elements, users, and network infrastructure, if applicable. This step will also assess the value of the asset and classify the asset under the company’s information asset or data classification policy. The risk assessment report will normally include the following: Purpose of the risk assessment—what are the predefined objectives that this risk assessment is supposed to achieve.... [tags: Security, Risk, Risk assessment, Risk management]
2695 words (7.7 pages)
- M7A1: Case Study: Risk Assessment of Cyber Crime General Comments One item of great note in this case study is the fact that it is for a financial institution that is involved heavily in international transactions. This flavors the entire risk assessment because if a company is doing their work on a global and international basis, then there is the requirement of dealing with compliance, the legal and regulatory requirements in the rest of the world. For instance, the European Union has their independent privacy requirements and even Japan has a type of Sarbanes-Oxley, with France, Germany, Canada and Australia having both regulatory and legal requirements that must be embraced by anyone do... [tags: Security, Information security, Computer security]
1142 words (3.3 pages)
- The security models can be separated in two orders, specifically managerial arranged and specialised security models. This proposition, in any case, focuses on the specific arranged security models. In light of the deficiencies that exist in these models, tests of these lacks are: • The security models are completely based on products. In this case this is not an enough information as it contains a several components. By joining a couple of "secure" things, we can't promise that the entire information system is "secure" moreover.... [tags: Risk, Security, Information security]
1141 words (3.3 pages)
- According to Wilshusen, an information systems security plan refers to a formal plan that gives descriptions of the plan of action to secure an information system of an organization or business enterprise. The plan offers a systematic approach and methods for safeguarding information technology items of an organization from being accessed by unauthorized users, and guards against viruses and worms in addition to any other incidents that may jeopardize the underlying information system’s security (Wilshusen, 2011).... [tags: Information security, Computer security, Security]
1380 words (3.9 pages)
- The fourth phase of the Information security program is the Sustain phase. In this phase we are making sure to keep the network, computer systems, applications, and environment up and running in a secure and protected manner. This includes making sure that implemented controls are continuing to work properly, continuing to do vulnerability assessments, and continuing to do education and awareness. The price of security is eternal vigilance, since security is an ongoing thing rather than one event only.... [tags: Security, Computer security, Risk]
736 words (2.1 pages)
- Why do we need management’s support for information security? Doesn’t IT own information security? The technical side is important, but management’s role cannot be overlooked. Thornton states that management has to drive information security. Why does management need to drive this policy? The management team is legally responsible for any breaches that occur. Plus, senior management has a fiduciary responsibility to the company’s assets. Our management can provide the necessary resources, including finances and personnel, needed to implement policy.... [tags: Information Security Essays]
2590 words (7.4 pages)
- An abundance of information security and risk management theories are prevalent; however, it can be difficult to identify valid and applicable theories. In the reading to follow, several information security and risk management theories are evaluated. These theories are presented and employed via various frameworks, models, and best practice guidelines. An assessment of sufficient research pertaining to these theories is addressed, along with a consideration of the challenges that arise from a lack of research.... [tags: it security, risk management, nist]
1902 words (5.4 pages)
- Risk Management and Homeland Security Risk is present in nearly every action and decision made around the world. Decisions and plans are determined primarily through discovering the risks and finding ways to avoid them and mitigate their impact. There is no doubt that with a mission of greater importance comes greater and more numerous threats and that is why managing risks is a high priority for Homeland Security in the U.S. To ensure the best possible security and safety decisions and plans, homeland security professionals must calculate every risk and find solutions to prevent or mitigate damage they might cause.... [tags: Risk management, Risk, Risk assessment]
1281 words (3.7 pages)
- Introduction The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad.... [tags: IT Security]
2693 words (7.7 pages)