Risk Management in Information Technology Security - Essay Example

This assignment allows you to fulfill the role of an IT manager in a small business tasked with determining appropriate risk management techniques for identified threats and lamentableness and to make related recommendations to senior management. Read the scenario given below and then complete the given assignment tasks that are given: Scenario: Yielder is a small agricultural company that produces and sells fertilizer products. The company operates through its headquarters in a small town in Indiana.

We Will Write A Custom Essay Sample On
ANY TOPIC SPECIFICALLY
FOR YOU

For Only $13.90/page


order now

Outside its headquarters, there are two large production facilities?one in Nebraska and one in Oklahoma. Furthermore, Yielder employs sales force personnel In every state In the U. S. To serve Its customers locally. The company has three servers located at Its quarters?Active Directory Server, a Linux application server, and an Oracle database server. The application server hosts Wielder’s primary software application, which is proprietary program managing inventory, sales, supply-chain, and customer information.

The database server manages all data stored locally with direct attached storage. All three major sites use Ethernet cabled local area networks (Lana) to connect the users’ Windows Vista workstations via Industry standard, managed switches. The remote production facilities connect to headquarters via routers (1. 4 Mbps telecoms circuit) LANA connections provided by an external Internet service providers (ISP) and share an Internet connection through a firewall at headquarters.

Individual sales personnel throughout the country connect to Wielder’s network via virtual private network (VPN) software through their individual Internet connections, typically In a home office. Tasks: each identified by your small group earlier in the Unit, assume the role of an IT manager assigned by Wielder’s senior management to conduct the following risk management tasks. 1 . Analyze and explain each of the threat/vulnerability pairs and their likelihood of occurrence. 2. Determine which of the six risk management techniques is appropriate for each risk explained in Task 1. . Justify your reasoning for each chosen management technique. 4. Prepare a brief report or presentation of your findings for senior management to review. Submission Requirements Use the following guidelines to submit this assignment: Format: Use a standard word processor or presentation format compatible with Microsoft Word or Powering. Font: Arial 10 point size Line Spacing: Double Deadlines for submission: By Unit 2 ISSUES Risk Management in Information Technology Security STUDENT COPY: Graded Assignments ITT Educational Services, Inc.

All Rights Reserved. -75- Change Date: 05/25/2011 Unit 2 Assignment 1: PC ADS and the Seven Domains Learning Objectives and Outcomes You will learn and understand best practices related to Payment Card Industry Data Security Standard (PC ADS) and to U. S. Compliance laws. As discussed in this Unit, it is important for IT professionals to implement best practices when facing U. S. Compliance laws. Scenario: Yielder Company’s senior management has recently decided to accept credit card payments from Wielder’s customers.

This decision makes meeting PC ADS objectives and requirements a necessary consideration in order to validate compliance for enforcement organizations.