Exercises Chapter 9
docx
keyboard_arrow_up
School
Davenport University *
*We aren’t endorsed by this school
Course
481
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
5
Uploaded by DoctorClover4954
Chris Buerkel
Davenport University
Fall2023-SE1-IAAS481.11619
John Wilson
September 28, 2023
Exercises Chapter 9
Search the Web for the term security best practices. Compare your findings to the recommended practices outlined in the NIST documents.
Companies must have a contingency plan in case of unexpected events. IBM has developed a five-step process for creating a contingency plan. Firstly, it's necessary to categorize all assets into two groups according to their level of security risk. By identifying which assets are
at risk, companies can plan how to protect them. The Author states, “Good contingency plans prioritize the risks an organization faces, delegate responsibility to members of the response teams and increase the likelihood that the company will make a full recovery after a negative event” (Flinder 2023). The next step is to conduct a business impact analysis to determine which
assets generate the most revenue and require the most protection and uptime. Once the assets have been identified, a plan and a protocol should be established to activate the program. It's vital
to ensure a proper response and that protection is always possible, with responsibility divided among the appropriate personnel. The most challenging step is convincing higher management to
invest in the contingency plan, even though it may never be used. Investors are often hesitant to spend money on something that may not be necessary. Lastly, the plan must be tested and assessed. Companies must check its effectiveness and integrate annual testing to ensure it remains effective. If the program fails to meet the required standards, companies must start over and create a new plan.
Ethical Decision Making
Maria was reconsidering her recent recommendation of Linda to supervise the policy compliance
team. As she considered the nature of the job and some of the personal issues that Linda faced, she wondered if she should go back to Iris and revise her recommendation.
Linda was a single mother with three children; she also had a history of substance abuse, although she was in recovery. Maria found her to be good at her work and felt she had made remarkable progress during the time Maria had supervised her. But Linda had a higher than average number of sick days due to her complex and busy home life. And although Maria had no
concrete evidence that Linda was struggling with her recovery, there were some indications that everything was not as it should be.
Should Linda’s history of past improprieties lead Maria to withdraw her support and replace her without giving detailed reasons to Iris?
The phrase, "It's not personal, it's just business," is often used to justify negative actions. However, suppose Linda believes that Maria cannot handle the responsibility. In that case, she is responsible for resending the recommendation, as she is thinking about what is best for the company.
Should Maria’s ethical responsibility to the company lead her to give a full report of her concerns to Iris?
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Maria should provide a comprehensive report to her supervisors regarding her concerns about Iris. If Iris causes any issues that impact the company's plans, it would not solely be Iris's fault. Maria would also be held accountable for failing to inform her bosses.
Should Maria’s ethical responsibility to Linda lead her to keep these concerns to herself and allow the recommendation to stand?
No, Maria's ethical responsibility is to the company, not Iris. She does not work for Iris and, therefore, has no obligations to her.
Reference
Flinders, Mesh. (July 12, 2023). IBM. Contingency plan examples: A step-by-step guide to help your business prepare for the unexpected
. https://www.ibm.com/blog/contingency-plan-
examples/