Exercises Chapter 5
School: Davenport University
Course: 481
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 4
Uploaded by DoctorClover4954
Chris Buerkel
Chapter 5
Read and respond to Exercise 1.
Assume a smaller organization has a plan to implement a
security program with three full-time staff and two or three groups of part-time roles from other
parts of the business. What titles and roles do you recommend for the three full-time staff? What
groups would commonly supply the part-time staff?
The organization will employ three full-time personnel to oversee its information security
(InfoSec) program: a Security Manager, a Security Administrator, and a Security Technician.
At the start, these three will have to do multiple jobs. The Security Manager will oversee the daily
operations of the InfoSec program to attain the company's objectives and address any technical
concerns that may arise in a timely fashion, and will also pitch in to help the Security Technician
when time allows.
The Security Technician role will be critical in configuring firewalls and intrusion
detection systems (IDS), deploying security software, and resolving any related issues that may
emerge. Their expertise will ensure that security technology is effectively implemented and
maintained within the organization. They will fill in for one of the other two when time allows.
The Security Administrator role encompasses the duties of the Security Manager, Technician,
and Analyst, which involve ongoing monitoring of the security systems, redesigning as
necessary, and evaluating the InfoSec program. They will also fill in where deemed necessary.
The part-time personnel, with at least an associate degree in computer information, will be
entry-level analysts. Their key responsibilities will include monitoring incoming internet traffic
and providing assistance to help desks. There will be three analysts working per shift, each for
eight hours. Depending on business hours, two or three shifts will be scheduled daily.
Answer the 2 Discussion questions in the Closing Case.
Closing Case
“Thanks, that was very helpful,” Mike Edwards said to the attorney from the corporate legal
office, who’d just given a presentation on the SETA requirements of a newly enacted state
computer crime and privacy law. “So, when does this law take effect, and how should we
comply?”
The attorney gave a full analysis of RWW’s responsibilities, laying out in concrete terms what
the law required of them for a SETA program. Mike then turned to his staff of department
managers and said, “It’s important that we comply with the new law. Part of this compliance will
be to develop a security education training and awareness program. I need your help to plan our
new SETA program.”
Discussion Questions
2) What are the advantages and disadvantages to preparing the SETA program in-house or in
hiring a consulting firm to develop it?
Developing an in-house SETA program presents several advantages. Firstly, this
approach allows customization to match the organization's unique needs and preferences.
Additionally, it can be cost-effective, as outsourcing the task is optional. However, the
individuals responsible for developing the program must understand the company's operations
and processes comprehensively to ensure the inclusion of relevant content while eliminating
extraneous material. Nevertheless, there is always the possibility of overlooking critical aspects.
A consulting firm is well-equipped to assist with this task. Their team can
review the organization's processes and identify the necessary components of the SETA program.
The outsider perspective enables them to identify areas that may have been overlooked, as they
are not directly involved in the organization's day-to-day operations. By relying on their
expertise, organizations can develop a SETA program that effectively addresses their needs while
ensuring optimal results.
Reference
Mattord, H., & Whitman, M. (2019). Management of Information Security. Cengage.