How your team plans to perform the risk assessment
Successful information assurance programs apply industry standards and best practices to identify security risk and then form dynamic, crossfunctional teams, when required, to develop a plan to address these gaps in a way that is sensitive to the needs of key stakeholders.
To prepare for the Project in this Week, assume that the fictitious organization is large and growing rapidly, with both internal and external IT risks involving employees, customers, business partners, suppliers, and contractors. Clearly state any other assumptions you make.
You have been asked to assess risks associated with access and authorization in your organization. Develop a brief scenario that depicts a threat related to access and authorization. Below are two example use cases for a single scenario to guide you. You will need to develop your own scenario as well as your own use cases.
Use Case 1: Employee Provisioning-There needs to be an enterprise process for employee account provisioning. This should include setting up employees with the correct access rights, based on their role. When employees change roles, their access should be appropriately changed. Today, employees are given access to resources using Active Directory groups. When they go to a new job, the old access rights often are not removed like they should be, and this is a security concern.
Use Case 2: Separation of Duties-Administrators need a high level of access for their jobs. Today, their credentials allow them to administer servers and create accounts locally on the servers and in Active Directory. They can also edit log files and delete accounts and groups in Active Directory. This is a security concern, and roles should be set up so server administrators can do their job but not the job of an Active Directory administrator. The role that is allowed to create accounts should not be able to create new roles, and managers should approve new accounts. Keeping an administrator’s access in line with his or her role is a best practice, and it may be required by regulations such as Sarbanes-Oxley.
Please develop at least two others and explain them.
Write a 5- to 7-page paper about the risk assessment process that you plan to perform. Cover the following points:
• Your introduction should include the following background information:
• The country where the headquarters is located
• The nature of the organization’s operations
• The general organizational structure
• The country/ies in which the organization operates
• In describing the scenario and the two use cases you created, you should include the following regarding risk assessment planning:
• How your team plans to perform the risk assessment and identify the gap
• What other teams would be involved in a successful risk assessment
• How poor access and authorization management affects security risk and business processes
• Who the stakeholders are and the most important activities they may perform that involve accessing data and resources
We are committed to making our customer experience enjoyable and that we are keen on creating conditions where our customers feel secured and respected in their interactions with us.
With our qualified expert team who are available 24/7, we ensure that all our customer needs and concerns are met..
Our refund policy allows you to get your money back when you are eligible for a refund. In such a case, we guarantee that you will be paid back to your credit card. Another alternative we offer you is saving this money with us as a credit. Instead of processing the money back, keeping it with us would be an easier way to pay for next the orders you placeRead more
All orders you place on our website are written from scratch. Our expert team ensures that they exercise professionalism, the laid down guidelines and ethical considerations which only allows crediting or acknowledging any information borrowed from scholarly sources by citing. In cases where plagiarism is confirmed, then the costumier to a full refund or a free paper revision depending on the customer’s request..Read more
Quality is all our company is about and we make sure we hire the most qualified writers with outstanding academic qualifications in every field. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.Read more
We understand that students are not allowed to seek help on their projects, papers and assignments from online writing services. We therefore strive to uphold the confidentiality that every student is entitled to. We will not share your personal information elsewhere. You are further guaranteed the full rights of originality and ownership for your paper once its finished.Read more
By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.Read more