Dear students, get latest Solved assignments by professionals.
Mail
us at: help.mbaassignments@gmail.com
Call
us at: 08263069601
NMIMS plagiarism proofed assignments available.
IT Security and Risk
Management
September 2022 Examination
Q1. As a term, people,
process, and technology (PPT) refers to the methodology in which the balance of
people, process, and
technology drives action:
People
perform a specific
type of work for an organization
using processes (and often, technology) to streamline
and improve these processes. What do you mean by security awareness for people, process, and technology?
(10 Marks)
Ans 1
Introduction
People, process and technology is a framework that is
used by most organizations to improve the day-to-day activities of their
employees and tools efficiently. This framework has helped to map the entire
value streams of people, processes, and technology. This helps provide full
control and visibility into high-performing teams so they can optimize
operations and ship faster. This PPT framework is all about how they work
together. The process makes this work more efficiently. Organizations can
achieve efficiency by balancing people, processes, and technology relationships
Q2. Access control is a method of guaranteeing that
users are who they say they
are and that they have the appropriate access to company data. Companies often grant access to
information and assets to staff
even
if it is not relevant to that
member of staff’s role.
Describe access control methodologies and implementation for purpose of security? Give detailed justifications for your recommendations. (10 Marks)
Ans 2
Introduction
The ultimate goal of an access control system is to
provide a level of security that reduces risk to an organization. These
organizationscenter on data from employee onboarding and offboarding to product
plans, financial documents, and customer details. Every organization must pay
close attention to how they store, access, and protect their assets. Without
proper access control, organization leaves their staff and customers vulnerable
to cyberattacks, data theft, or breach of privacy and data protection laws.An
access control system controls who can view or use any given resource. This can
translate to who can access and edit a particular
Q3. Started in March 2011, Company X is a New Delhi-based custom software solutions
provider company. Company deals in developing and customizing software solutions for clients on a
project basis and provides technical and business support in an outsourced
capability. The main business and service areas of the company
include IT consulting,
web design and
development,
mobile applications development, software development, robotics and Internet marketing. The company has
an
employee base of 50 people, and it caters clients from a wide range of industries including aerospace, automotive, consumer
goods, food, metal fabrication,
medical, pharmaceutical
and solar panel, among others.
Key excerpts are presented based on the interview responses from employees across hierarchy in
the
company.
Excerpt 01:
if the productivity is lost in our area, then it directly relates to losing our clients,
because we have to deliver our projects within scheduled time. And if client loses the trust, he will not give us more
business...
Excerpt 02:
for my organization, there are two assets which are most important; one is
the information which we hold and process, the second one, I will say, the technical human resources who do this job... my organization survives on managing information...
Excerpt 03:
time to time, there is top management support, but not up to the level what is required
in our organization, it is lacking..
Excerpt 04:
comprehensive information
security policy is there,
but
its compliance
is another issue…
3a. Based on the information presented above what would be the main areas of concern w.r.t IT Security for Company X? Give justification for each of your observations. (5 Marks)
Ans 3a
Introduction
Company core business integrity and staff protection
are critical, investing in security in companies are important in protecting
against cyber-attacks and security threats. Data breaches are time-consuming,
expensive, and bad for business. With strong information security, a company
reduces its risk of internal and external attacks on information technology
systems. They also protect sensitive data, protect systems from cyber-attacks,
Q3b. What would be the recommendations which you would like to suggest Company X to
safe guard them from any potential security threats. (5 Marks)
Ans 3b
Introduction
Data breaches and cyberattacks have, unfortunately,
become a common issue that businesses of all sizes need to guard against.
Knowing how to prevent potential security threats is crucial to running a
company’s operations effectively and securely. Information security threats
exist both outside and inside your organization. For Company X to protect the
security threats,
Dear students, get latest
Solved assignments by professionals.
Mail
us at: help.mbaassignments@gmail.com
Call
us at: 08263069601
NMIMS plagiarism proofed assignments available.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.