SlideShare a Scribd company logo

Cmgt 582 Effective Communication / snaptutorial.com

Download as DOCX, PDF
H
HarrisGeorg12

The document outlines a series of assignments for a course focusing on auditing HR departments, information security, privacy laws, risk assessments, and security policy implementations. Each assignment includes specific requirements such as presentations, memos, and analyses, addressing various aspects of ethical, legal, and security concerns within organizations. The assignments aim to enhance students' understanding of information security governance, risk management, and the implementation of security policies.

Education
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
CMGT 582 Assignment Audit of the HR Department For more classes visit www.snaptutorial.com You are part of a team has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department. Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the following areas: · Handling of ethical issues, including security-related legal/regulatory compliance (non-privacy related), intellectual property and licensing · Compliance with privacy related laws and regulations · Adequacy of security policies and security awareness training · Identification of security related risks/threats Include a minimum of two audit steps for each of the areas listed above. The audit steps should follow the following format: · Area: From the list above · Example: Security related risks/threats
· Potential Risk to be Reviewed: Describe the risk · Example: Viruses and malware can negatively impact the confidentiality, integrity, and availability of organizational data · Evaluation of Tools and Methods: Describe the control objective and the specific controls you will evaluate to determine potential risk is mitigated. Please note that typically, there will be more than one control that should be reviewed for a potential risk. · Example: Determine whether anti-virus software is in use · Example: Determine whether virus signatures are periodically updated · Example: Determine whether periodic virus scans are performed · Criteria/Measures to be Used: Describe the criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., what criteria will you use to perform your evaluation/how will you determine that the risk has been mitigated to an acceptable level). · Example: 100% of servers and PCs have virus software installed · Example: 100% of the virus software installed is set to automatically update, including virus signatures. · Example: 100% of the virus software installed is set to automatically perform a scan at least weekly Your grade on the assignment will be based on how well you address: · The identification of potential ethical, legal/regulatory, privacy, and security related issues (20%)
· The evaluation of the tools and methods used to mitigate any ethical, legal/regulatory, and privacy related issues identified, as well as the tools and methods used to perform the review steps (20%) · The evaluation of the tools and methods used to mitigate any security-related issues identified, as well as the tools and methods used to perform the review steps (25%) · Criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., how will you determine that the risk has been mitigated to an acceptable level) (20%) · Quality of written communication · Use of APA format/style Include a 1/2- to 1-page executive summary and support your presentation with appropriate references. ************************************************** CMGT 582 Week 1 Individual Assignment Getting Involved For more classes visit www.snaptutorial.com
Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "Fostering Collective Responsibility for IT Risk" video. Watch the "Balancing Security with User Convenience" video. Complete "Introduction to Information Security Governance" topic of the Skillsoft® course "CISM 2012: Information Security Governance (Part 1)." Assignment: Situation: You have just joined an organization that depends on the use of the web to perform most of its major tasks. You have noticed that information security is mostly ignored by those performing the work tasks and it is not a priority with management or executive leadership. Write a 1- to 2-page memo to the Chief Executive Officer (CEO) that is designed to increase the priority of information security. Include a convincing argument of why the survival of the organization may depend on information security. Include these topics: Confidentiality, integrity, and availability Authenticity Accountability Threats from malicious software Security challenges of cloud computing Cyberterrorism and information warfare
CMGT 582 Week 2 Individual Assignment Security Within My Organization For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "Technology and the Impact on Business and the Environment" Skillsoft video. Complete "Defining law and ethics" point of topic "The Relationship Between Law and Ethics" of the Skillsoft® course "Business Law and Ethics." Complete "Recognize the Effect of Laws and Regulations on Audit Planning," point of topic "Management of an IS Audit Function," of the lesson "Information Systems and the IS Audit Function" of the Skillsoft® course "CISA Domain: The Process of Auditing Information Systems - Part 1." Write a 3- to 4-page analysis of ethical considerations for maintaining confidentiality and customer data. Address the following issues in your analysis:
Define ethics. Apply ethics to information systems. Discuss the constituent parts IT/IS professional ethics. Connect or relate the discussed constituent parts into an overall structure that may relate to an IT/IS code of conduct or ethics. Discuss the rules produced by the Ad Hoc Committee on Responsible Computing. Describe the privacy regulations or laws related to the identified ethical issues ************************************************** CMGT 582 Week 3 Assignment Privacy with Ethics Considerations For more classes visit www.snaptutorial.com Create a 10- to 12-slide presentation evaluating the three areas of privacy issues specific to FERPA, HIPAA, and EEA. Develop scenarios
in all of the three areas that you feel are most important to the recipients protected by these laws and the methodology used in each. Include how each of these laws affects the requirements of companies or colleges and how each manages their security strategy to enforce compliance. Compare the effectiveness of each industry's efforts to ensure privacy issues are addressed and protected. Address and comment on the following issues in your analysis: · Define privacy in the three areas · Apply privacy and privacy protection to Information Systems · Repercussions to the companies protected by the three laws · Differences in the protection methodologies used by the 3 industries represented by these laws · Differences in security strategies used by the three industries · Describe how these three laws can change a company's security policies and mitigation plans · Explain why public corporations have the same privacy issues (for intellectual property) as people do (for personal information) · Conclude your assignment with ideas regarding how each law can be improved Include detailed speakers notes within your presentation. **************************************************
CMGT 582 Week 3 Individual Assignment Risk Assessment For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "QuickTalks: David Bach: Nonmarket Strategy: The Next Frontier of Competitive Advantage" Skillsoft® video. Complete the "Intrusion Prevention Technologies" topic of the lesson "Understanding IPS Fundamentals" in the Skillsoft® course "Cisco IINS 2.0: Implementing IPS." Complete slides 1 to 3 of the "Risk Response Strategies" topic of the Skillsoft® lesson "Plan Risk Responses" of the course "Risk response and Control (PMBOK® Guide Fifth Edition)." Prepare a 3- to 5-page risk assessment of your organization or an organization with which you are familiar. Include how the formula for risk can be applied to the organization.
Describe how risk assessment is related to security controls or safeguards. Include the following in your assessment that is part of Figure 14.3, Risk Assessment Methodology, of the Stallings and Brown textbookComputer Security (p. 478): System characterization Threat identification Vulnerability identification Control analysis Likelihood determination Impact analysis Risk determination ************************************************** CMGT 582 Week 4 Individual Assignment Technologies and Methodologies Evaluation For more classes visit www.snaptutorial.com
Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "Creating an Actionable Risk Management Strategy" SkillSoft® video. Complete the "Network Security Appliances and Methods" topic of the Skillsoft® course "CompTIA Network+ 2012: Network Security Part 3." Complete the "Firewalls, IDS and Network Security Solutions" topic of the Skillsoft®course "CompTIA Network+ 2012: Network Security Part 3." Consider information management risks to include cybercrime and cyber-related crimes. Write a 3- to 5-page evaluation of security technologies and methodologies used to mitigate information management risks. An evaluation is generally based on specific criteria and standards. Include at least the following: Firewalls Intrusion prevention systems Intrusion detection systems Access control Cryptographic tools and processes **************************************************
CMGT 582 Week 5 Assignment Mitigating Information Management Risk For more classes visit www.snaptutorial.com Consider information security risks, including: Cybercrime and cyber-related crimes Social engineering Mobile computing BYOD (Bring your own device). Write a 3 full page evaluation (not including the title and reference pages) of security technologies and methodologies that can be used to mitigate each of the above information security risks. Support your paper with appropriate references and follow APA format. Include the following for each type of risk: Description of the risk
Security technologies and methodologies that can be used to mitigate them Rationale describing how the risks are mitigated to an acceptable level Include a Turnitin report. Submit your assignment and Turnitin report using the Assignment Files tab. ************************************************** CMGT 582 Week 5 Individual Assignment Policy Implementation Presentation For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the completing the SkillSoft®course, independent student reading, and research.
Complete the "Security Policy Documents and Life Cycle" topic of the Skillsoft® course "SSCP Domain: Security Operations and Administration Part 1." Complete the "Risk Management and Regulatory Compliance" topic of the "Security Policies and Life-Cycle Approach" lesson of the Skillsoft® course "Cisco IINS 2.0: Security and Strategies." Consider security planning policies, procedures, and models to include multilevel and cryptographic processes. Prepare 10-12 Slides Presentation Include the following: Description of security planning policies Description of how human resources security is included in security planning Description of how cryptographic tools may be included in security planning Application of security planning policies to manage security Evaluation of how specific policies are used to implement security plans **************************************************
CMGT 582 Week 5 Individual Assignment Policy Implementation For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the completing the SkillSoft®course, independent student reading, and research. Complete the "Security Policy Documents and Life Cycle" topic of the Skillsoft® course "SSCP Domain: Security Operations and Administration Part 1." Complete the "Risk Management and Regulatory Compliance" topic of the "Security Policies and Life-Cycle Approach" lesson of the Skillsoft® course "Cisco IINS 2.0: Security and Strategies." Consider security planning policies, procedures, and models to include multilevel and cryptographic processes. Write 3-5 Page Paper Include the following: Description of security planning policies
Description of how human resources security is included in security planning Description of how cryptographic tools may be included in security planning Application of security planning policies to manage security Evaluation of how specific policies are used to implement security plans ************************************************** CMGT 582 Week 6 Individual Assignment Systems Development Life Cycle (SDLC) For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the completing the SkillSoft®course, independent student reading, and research. Complete the "Information Risk Management Overview" topic of the "Information Risk Management Program" lesson of the Skillsoft®
course "CISM 2012: Information Risk Management and Compliance (Part 1)." Completethe "Auditing and Testing IS Security" topic of the "Auditing Internal and External Security" lesson of the Skillsoft® course "CISA Domain: Protection of Information Assets - Part 2." Consider the systems development life cycle (SDLC), security systems life cycle, and information systems security certification and accreditation. Write a 3- to 5-page evaluation of the use of the security life cycle. Include the following: All six phases Review of steps unique to the security life cycle, not in common with SDLC Applicable criteria and standards, such as certification and accreditation, used in your evaluation **************************************************

More Related Content

DOCX
CMGT 582 STUDY Inspiring Innovation--cmgt582study.com
KeatonJennings98
 
DOCX
Cmgt 582 Education Specialist -snaptutorial.com
DavisMurphyC37
 
PDF
PTX12_Presentation_George Delikouras AIA
George Delikouras
 
PDF
Hands on IT risk assessment
George Delikouras
 
DOCX
Generic_Sample_INFOSECPolicy_and_Procedures
Samuel Loomis
 
DOCX
CIS 558 Enhance teaching / snaptutorial.com
donaldzs56
 
DOC
Cis 558 Exceptional Education-snaptutorial.com
robertleses9
 
DOCX
The Significance of IT Security Management & Risk Assessment
Bradley Susser
 
CMGT 582 STUDY Inspiring Innovation--cmgt582study.com
KeatonJennings98
 
Cmgt 582 Education Specialist -snaptutorial.com
DavisMurphyC37
 
PTX12_Presentation_George Delikouras AIA
George Delikouras
 
Hands on IT risk assessment
George Delikouras
 
Generic_Sample_INFOSECPolicy_and_Procedures
Samuel Loomis
 
CIS 558 Enhance teaching / snaptutorial.com
donaldzs56
 
Cis 558 Exceptional Education-snaptutorial.com
robertleses9
 
The Significance of IT Security Management & Risk Assessment
Bradley Susser
 

What's hot (17)

PDF
Cis 558 Effective Communication-snaptutorial.com
jhonklinz11
 
DOCX
CIS 558 Education Organization / snaptutorial.com
McdonaldRyan39
 
DOC
Cis 558 Education Specialist-snaptutorial.com
robertlesew96
 
PDF
IT Security and Risk Management - Visionet Systems
Visionet Systems, Inc.
 
DOCX
Cis 558 Enthusiastic Study / snaptutorial.com
Stephenson06
 
PDF
Implementing AppSec Policies with TeamMentor
tmbainjr131
 
PDF
Practical approach to security risk management
G3 intelligence Ltd
 
PDF
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Hernan Huwyler, MBA CPA
 
PDF
Taking the Pulse of IT Security for 2019: Results from Syncsort's Security Su...
Precisely
 
PDF
Information Security Strategic Management
Marcelo Martins
 
DOCX
Cmgt 433 Entire Course NEW
shyamuop
 
PDF
PROPOSING SECURITY REQUIREMENT PRIORITIZATION FRAMEWORK
IJCSEA Journal
 
PDF
Information Risk Management - Cyber Risk Management - IT Risks
Hernan Huwyler, MBA CPA
 
PPTX
The challenges for the internal auditor
Rodoljub Kajganić
 
PDF
u10a1-Risk Assessment Report-Beji Jacob
Beji Jacob
 
PDF
How to measure your cybersecurity performance
Abhishek Sood
 
PDF
Adding Analytics to your Cybersecurity Toolkit with CompTIA Cybersecurity Ana...
CompTIA
 
Cis 558 Effective Communication-snaptutorial.com
jhonklinz11
 
CIS 558 Education Organization / snaptutorial.com
McdonaldRyan39
 
Cis 558 Education Specialist-snaptutorial.com
robertlesew96
 
IT Security and Risk Management - Visionet Systems
Visionet Systems, Inc.
 
Cis 558 Enthusiastic Study / snaptutorial.com
Stephenson06
 
Implementing AppSec Policies with TeamMentor
tmbainjr131
 
Practical approach to security risk management
G3 intelligence Ltd
 
Tips for IT Risk Management Prof. Hernan Huwyler Information Security Institute
Hernan Huwyler, MBA CPA
 
Taking the Pulse of IT Security for 2019: Results from Syncsort's Security Su...
Precisely
 
Information Security Strategic Management
Marcelo Martins
 
Cmgt 433 Entire Course NEW
shyamuop
 
PROPOSING SECURITY REQUIREMENT PRIORITIZATION FRAMEWORK
IJCSEA Journal
 
Information Risk Management - Cyber Risk Management - IT Risks
Hernan Huwyler, MBA CPA
 
The challenges for the internal auditor
Rodoljub Kajganić
 
u10a1-Risk Assessment Report-Beji Jacob
Beji Jacob
 
How to measure your cybersecurity performance
Abhishek Sood
 
Adding Analytics to your Cybersecurity Toolkit with CompTIA Cybersecurity Ana...
CompTIA
 
Ad

Similar to Cmgt 582 Effective Communication / snaptutorial.com (20)

DOCX
CMGT 582 Entire Course NEW
shyamuopuop
 
DOCX
Cmgt 582 Enthusiastic Study / snaptutorial.com
Stephenson032
 
DOCX
Cmgt 582 Success Begins / snaptutorial.com
WilliamsTaylorza47
 
DOCX
Cis 558 Technology levels--snaptutorial.com
sholingarjosh63
 
DOCX
CIS 558 Success Begins / snaptutorial.com
Robinson075
 
DOCX
CST 610 RANK Redefined Education--cst610rank.com
claric240
 
DOC
Cyb 610 Enhance teaching / snaptutorial.com
Baileyaby
 
DOCX
CSEC 610 Education Specialist / snaptutorial.com
McdonaldRyan78
 
DOCX
CST 610 RANK Achievement Education--cst610rank.com
kopiko146
 
DOC
Cst 610 Enhance teaching / snaptutorial.com
Baileyabw
 
DOCX
CST 610 RANK Inspiring Innovation--cst610rank.com
KeatonJennings104
 
PDF
CST 610 RANK Become Exceptional--cst610rank.com
agathachristie112
 
DOCX
CST 610 RANK Educational Specialist--cst610rank.com
VSNaipaul15
 
PDF
Cst 610 Believe Possibilities / snaptutorial.com
Davis10a
 
DOC
Csec 610 Enhance teaching / snaptutorial.com
Baileyabv
 
DOCX
CSEC 610 Effective Communication/tutorialrank.com
jonhson198
 
DOCX
CST 610 Effective Communication/tutorialrank.com
jonhson198
 
DOCX
CSEC 610 Effective Communication - snaptutorial.com
donaldzs7
 
PDF
Csec 610 Believe Possibilities / snaptutorial.com
Davis10a
 
DOCX
CST 610 Exceptional Education - snaptutorial.com
DavisMurphyA97
 
CMGT 582 Entire Course NEW
shyamuopuop
 
Cmgt 582 Enthusiastic Study / snaptutorial.com
Stephenson032
 
Cmgt 582 Success Begins / snaptutorial.com
WilliamsTaylorza47
 
Cis 558 Technology levels--snaptutorial.com
sholingarjosh63
 
CIS 558 Success Begins / snaptutorial.com
Robinson075
 
CST 610 RANK Redefined Education--cst610rank.com
claric240
 
Cyb 610 Enhance teaching / snaptutorial.com
Baileyaby
 
CSEC 610 Education Specialist / snaptutorial.com
McdonaldRyan78
 
CST 610 RANK Achievement Education--cst610rank.com
kopiko146
 
Cst 610 Enhance teaching / snaptutorial.com
Baileyabw
 
CST 610 RANK Inspiring Innovation--cst610rank.com
KeatonJennings104
 
CST 610 RANK Become Exceptional--cst610rank.com
agathachristie112
 
CST 610 RANK Educational Specialist--cst610rank.com
VSNaipaul15
 
Cst 610 Believe Possibilities / snaptutorial.com
Davis10a
 
Csec 610 Enhance teaching / snaptutorial.com
Baileyabv
 
CSEC 610 Effective Communication/tutorialrank.com
jonhson198
 
CST 610 Effective Communication/tutorialrank.com
jonhson198
 
CSEC 610 Effective Communication - snaptutorial.com
donaldzs7
 
Csec 610 Believe Possibilities / snaptutorial.com
Davis10a
 
CST 610 Exceptional Education - snaptutorial.com
DavisMurphyA97
 
Ad

Recently uploaded (20)

PDF
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PDF
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PDF
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
PDF
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
PPTX
Presentation on HIE in infants and its manifestations
joghikamal786
 
PPTX
Lesson notes of climatology university.
sgladness67
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PDF
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
PPTX
Tissue processing ( HISTOPATHOLOGICAL TECHNIQUE
mathiasmelwyn7
 
PDF
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
Presentation on HIE in infants and its manifestations
joghikamal786
 
Lesson notes of climatology university.
sgladness67
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
Tissue processing ( HISTOPATHOLOGICAL TECHNIQUE
mathiasmelwyn7
 
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 

Cmgt 582 Effective Communication / snaptutorial.com

  • 1. CMGT 582 Assignment Audit of the HR Department For more classes visit www.snaptutorial.com You are part of a team has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department. Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the following areas: · Handling of ethical issues, including security-related legal/regulatory compliance (non-privacy related), intellectual property and licensing · Compliance with privacy related laws and regulations · Adequacy of security policies and security awareness training · Identification of security related risks/threats Include a minimum of two audit steps for each of the areas listed above. The audit steps should follow the following format: · Area: From the list above · Example: Security related risks/threats
  • 2. · Potential Risk to be Reviewed: Describe the risk · Example: Viruses and malware can negatively impact the confidentiality, integrity, and availability of organizational data · Evaluation of Tools and Methods: Describe the control objective and the specific controls you will evaluate to determine potential risk is mitigated. Please note that typically, there will be more than one control that should be reviewed for a potential risk. · Example: Determine whether anti-virus software is in use · Example: Determine whether virus signatures are periodically updated · Example: Determine whether periodic virus scans are performed · Criteria/Measures to be Used: Describe the criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., what criteria will you use to perform your evaluation/how will you determine that the risk has been mitigated to an acceptable level). · Example: 100% of servers and PCs have virus software installed · Example: 100% of the virus software installed is set to automatically update, including virus signatures. · Example: 100% of the virus software installed is set to automatically perform a scan at least weekly Your grade on the assignment will be based on how well you address: · The identification of potential ethical, legal/regulatory, privacy, and security related issues (20%)
  • 3. · The evaluation of the tools and methods used to mitigate any ethical, legal/regulatory, and privacy related issues identified, as well as the tools and methods used to perform the review steps (20%) · The evaluation of the tools and methods used to mitigate any security-related issues identified, as well as the tools and methods used to perform the review steps (25%) · Criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., how will you determine that the risk has been mitigated to an acceptable level) (20%) · Quality of written communication · Use of APA format/style Include a 1/2- to 1-page executive summary and support your presentation with appropriate references. ************************************************** CMGT 582 Week 1 Individual Assignment Getting Involved For more classes visit www.snaptutorial.com
  • 4. Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "Fostering Collective Responsibility for IT Risk" video. Watch the "Balancing Security with User Convenience" video. Complete "Introduction to Information Security Governance" topic of the Skillsoft® course "CISM 2012: Information Security Governance (Part 1)." Assignment: Situation: You have just joined an organization that depends on the use of the web to perform most of its major tasks. You have noticed that information security is mostly ignored by those performing the work tasks and it is not a priority with management or executive leadership. Write a 1- to 2-page memo to the Chief Executive Officer (CEO) that is designed to increase the priority of information security. Include a convincing argument of why the survival of the organization may depend on information security. Include these topics: Confidentiality, integrity, and availability Authenticity Accountability Threats from malicious software Security challenges of cloud computing Cyberterrorism and information warfare
  • 5. CMGT 582 Week 2 Individual Assignment Security Within My Organization For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "Technology and the Impact on Business and the Environment" Skillsoft video. Complete "Defining law and ethics" point of topic "The Relationship Between Law and Ethics" of the Skillsoft® course "Business Law and Ethics." Complete "Recognize the Effect of Laws and Regulations on Audit Planning," point of topic "Management of an IS Audit Function," of the lesson "Information Systems and the IS Audit Function" of the Skillsoft® course "CISA Domain: The Process of Auditing Information Systems - Part 1." Write a 3- to 4-page analysis of ethical considerations for maintaining confidentiality and customer data. Address the following issues in your analysis:
  • 6. Define ethics. Apply ethics to information systems. Discuss the constituent parts IT/IS professional ethics. Connect or relate the discussed constituent parts into an overall structure that may relate to an IT/IS code of conduct or ethics. Discuss the rules produced by the Ad Hoc Committee on Responsible Computing. Describe the privacy regulations or laws related to the identified ethical issues ************************************************** CMGT 582 Week 3 Assignment Privacy with Ethics Considerations For more classes visit www.snaptutorial.com Create a 10- to 12-slide presentation evaluating the three areas of privacy issues specific to FERPA, HIPAA, and EEA. Develop scenarios
  • 7. in all of the three areas that you feel are most important to the recipients protected by these laws and the methodology used in each. Include how each of these laws affects the requirements of companies or colleges and how each manages their security strategy to enforce compliance. Compare the effectiveness of each industry's efforts to ensure privacy issues are addressed and protected. Address and comment on the following issues in your analysis: · Define privacy in the three areas · Apply privacy and privacy protection to Information Systems · Repercussions to the companies protected by the three laws · Differences in the protection methodologies used by the 3 industries represented by these laws · Differences in security strategies used by the three industries · Describe how these three laws can change a company's security policies and mitigation plans · Explain why public corporations have the same privacy issues (for intellectual property) as people do (for personal information) · Conclude your assignment with ideas regarding how each law can be improved Include detailed speakers notes within your presentation. **************************************************
  • 8. CMGT 582 Week 3 Individual Assignment Risk Assessment For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "QuickTalks: David Bach: Nonmarket Strategy: The Next Frontier of Competitive Advantage" Skillsoft® video. Complete the "Intrusion Prevention Technologies" topic of the lesson "Understanding IPS Fundamentals" in the Skillsoft® course "Cisco IINS 2.0: Implementing IPS." Complete slides 1 to 3 of the "Risk Response Strategies" topic of the Skillsoft® lesson "Plan Risk Responses" of the course "Risk response and Control (PMBOK® Guide Fifth Edition)." Prepare a 3- to 5-page risk assessment of your organization or an organization with which you are familiar. Include how the formula for risk can be applied to the organization.
  • 9. Describe how risk assessment is related to security controls or safeguards. Include the following in your assessment that is part of Figure 14.3, Risk Assessment Methodology, of the Stallings and Brown textbookComputer Security (p. 478): System characterization Threat identification Vulnerability identification Control analysis Likelihood determination Impact analysis Risk determination ************************************************** CMGT 582 Week 4 Individual Assignment Technologies and Methodologies Evaluation For more classes visit www.snaptutorial.com
  • 10. Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research. Watch the "Creating an Actionable Risk Management Strategy" SkillSoft® video. Complete the "Network Security Appliances and Methods" topic of the Skillsoft® course "CompTIA Network+ 2012: Network Security Part 3." Complete the "Firewalls, IDS and Network Security Solutions" topic of the Skillsoft®course "CompTIA Network+ 2012: Network Security Part 3." Consider information management risks to include cybercrime and cyber-related crimes. Write a 3- to 5-page evaluation of security technologies and methodologies used to mitigate information management risks. An evaluation is generally based on specific criteria and standards. Include at least the following: Firewalls Intrusion prevention systems Intrusion detection systems Access control Cryptographic tools and processes **************************************************
  • 11. CMGT 582 Week 5 Assignment Mitigating Information Management Risk For more classes visit www.snaptutorial.com Consider information security risks, including: Cybercrime and cyber-related crimes Social engineering Mobile computing BYOD (Bring your own device). Write a 3 full page evaluation (not including the title and reference pages) of security technologies and methodologies that can be used to mitigate each of the above information security risks. Support your paper with appropriate references and follow APA format. Include the following for each type of risk: Description of the risk
  • 12. Security technologies and methodologies that can be used to mitigate them Rationale describing how the risks are mitigated to an acceptable level Include a Turnitin report. Submit your assignment and Turnitin report using the Assignment Files tab. ************************************************** CMGT 582 Week 5 Individual Assignment Policy Implementation Presentation For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the completing the SkillSoft®course, independent student reading, and research.
  • 13. Complete the "Security Policy Documents and Life Cycle" topic of the Skillsoft® course "SSCP Domain: Security Operations and Administration Part 1." Complete the "Risk Management and Regulatory Compliance" topic of the "Security Policies and Life-Cycle Approach" lesson of the Skillsoft® course "Cisco IINS 2.0: Security and Strategies." Consider security planning policies, procedures, and models to include multilevel and cryptographic processes. Prepare 10-12 Slides Presentation Include the following: Description of security planning policies Description of how human resources security is included in security planning Description of how cryptographic tools may be included in security planning Application of security planning policies to manage security Evaluation of how specific policies are used to implement security plans **************************************************
  • 14. CMGT 582 Week 5 Individual Assignment Policy Implementation For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the completing the SkillSoft®course, independent student reading, and research. Complete the "Security Policy Documents and Life Cycle" topic of the Skillsoft® course "SSCP Domain: Security Operations and Administration Part 1." Complete the "Risk Management and Regulatory Compliance" topic of the "Security Policies and Life-Cycle Approach" lesson of the Skillsoft® course "Cisco IINS 2.0: Security and Strategies." Consider security planning policies, procedures, and models to include multilevel and cryptographic processes. Write 3-5 Page Paper Include the following: Description of security planning policies
  • 15. Description of how human resources security is included in security planning Description of how cryptographic tools may be included in security planning Application of security planning policies to manage security Evaluation of how specific policies are used to implement security plans ************************************************** CMGT 582 Week 6 Individual Assignment Systems Development Life Cycle (SDLC) For more classes visit www.snaptutorial.com Assignment Preparation: Activities include watching the completing the SkillSoft®course, independent student reading, and research. Complete the "Information Risk Management Overview" topic of the "Information Risk Management Program" lesson of the Skillsoft®
  • 16. course "CISM 2012: Information Risk Management and Compliance (Part 1)." Completethe "Auditing and Testing IS Security" topic of the "Auditing Internal and External Security" lesson of the Skillsoft® course "CISA Domain: Protection of Information Assets - Part 2." Consider the systems development life cycle (SDLC), security systems life cycle, and information systems security certification and accreditation. Write a 3- to 5-page evaluation of the use of the security life cycle. Include the following: All six phases Review of steps unique to the security life cycle, not in common with SDLC Applicable criteria and standards, such as certification and accreditation, used in your evaluation **************************************************