Principles of Information Systems (MindTap Course List)
13th Edition
ISBN: 9781305971776
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Question
Chapter 11, Problem 3DQ
Program Plan Intro
SWOT Matrix:
The internal assessment and external environment are been analyzed and frequently summarized into “Strengths, Weaknesses, Opportunities, Threats (SWOT)” matrix.
Usage of SWOT Matrix:
- The SWOT matrix denotes a simple way to illustrate the following points:
- What company is doing well?
- Where it could improve?
- What are available opportunities?
- What environmental factors are threats to organization?
- The internal assessment identifies most of strengths and weaknesses.
- The analysis of external environment uncovers most of threats and opportunities.
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Top-down and bottom-up approaches to information security vary in important ways.What are the advantages of a top-down strategy over a bottom-up one?Compare and contrast the two to show how this idea fits within a company's overall strategy.
Assume a year has passed and XYZ has improved its security. Using the following table, calculate the SLE, ARO, and ALE for each threat category listed.
YXZ Software Company (Asset Value: $1,200,000
Threat Category
Cost per Incident
Frequency of Occurrence
Cost of Controls
Type of Control
Programmer mistakes
$5,000
1 per month
$20,000
Training
Loss of intellectual property
$75,000
1 per 2 years
$15,000
Firewall/IDS
Software piracy
$500
1 per month
$30,000
Firewall/IDS
Theft of information (hacker)
$2,500
1 per 6 months
$15,000
Firewall/IDS
Threat of information (employees)
$5,00
1 per year
$15,000
Physical security
Web defacement
$500
1 per quarter
$10,000
Firewall
Theft of equipment
$5,000
1 per 2 years
$15,000
Physical security
Viruses, worms, Trojan horses
$1,500
1 per month
$15,000
Antivirus
Denial-of-service attack
$2,500
1 per 6 months
$10,000
Firewall…
Until recently, multiparty risks have not been considered as serious. Use the Internet to research multiparty risks. Why is there now heightened emphasis on multiparty risks? What are three examples of security incidents that were the result of a vulnerability in one organization affecting multiple other organizations? What were the outcomes of each of these? Should an organization that allows other organizations to be compromised through a multiparty risk be held liable? What should be the penalty? How can these be mitigated? Write a one-page paper on your findings.
Chapter 11 Solutions
Principles of Information Systems (MindTap Course List)
Ch. 11.1 - Prob. 1RQCh. 11.1 - Prob. 2RQCh. 11.1 - Prob. 1CTQCh. 11.1 - Prob. 2CTQCh. 11.2 - Prob. 1RQCh. 11.2 - Prob. 2RQCh. 11.2 - Prob. 1CTQCh. 11.2 - Prob. 2CTQCh. 11 - Prob. 1SATCh. 11 - Analysis of the internal assessment and external...
Ch. 11 - Prob. 3SATCh. 11 - Prob. 4SATCh. 11 - Prob. 5SATCh. 11 - Prob. 6SATCh. 11 - Prob. 7SATCh. 11 - Prob. 8SATCh. 11 - Prob. 9SATCh. 11 - Prob. 10SATCh. 11 - According to the Project Management Institute...Ch. 11 - Prob. 12SATCh. 11 - Prob. 1RQCh. 11 - Prob. 2RQCh. 11 - Prob. 3RQCh. 11 - Prob. 4RQCh. 11 - Prob. 5RQCh. 11 - Prob. 6RQCh. 11 - Prob. 7RQCh. 11 - Prob. 8RQCh. 11 - Prob. 9RQCh. 11 - What is a core competency? Project scope? Project...Ch. 11 - Prob. 11RQCh. 11 - Identify and briefly describe the nine areas of...Ch. 11 - Prob. 13RQCh. 11 - Prob. 14RQCh. 11 - Prob. 15RQCh. 11 - Prob. 16RQCh. 11 - Prob. 17RQCh. 11 - Prob. 18RQCh. 11 - Prob. 1DQCh. 11 - Prob. 2DQCh. 11 - Prob. 3DQCh. 11 - Prob. 4DQCh. 11 - Prob. 5DQCh. 11 - Prob. 6DQCh. 11 - Prob. 7DQCh. 11 - Prob. 8DQCh. 11 - Is there a difference between project time...Ch. 11 - Discuss the team dynamics for a highly effective...Ch. 11 - What sort of behaviors would indicate that the...Ch. 11 - Prob. 12DQCh. 11 - Prob. 13DQCh. 11 - How would you respond to a project team member who...Ch. 11 - Prob. 1PSECh. 11 - Prob. 3PSECh. 11 - Prob. 1TACh. 11 - Prob. 2TACh. 11 - Prob. 3TACh. 11 - Prob. 1WECh. 11 - Prob. 2WECh. 11 - Prob. 3WECh. 11 - Prob. 1CECh. 11 - Prob. 2CECh. 11 - Prob. 3CECh. 11 - Prob. 1CTQ1Ch. 11 - Prob. 2CTQ1Ch. 11 - Prob. 3CTQ1Ch. 11 - Prob. 1CTQ2Ch. 11 - Prob. 2CTQ2Ch. 11 - Prob. 3CTQ2
Knowledge Booster
Similar questions
- Susan is the lead investigator for a security incident and realizes that she will not be able to complete her investigation without causing severe disruption to the business. The action she feels she must take exceedsthe authority granted to her under the incident response plan. What should Susan do? a)Shut down all business operations immediately until she develops a plan b)Take the action immediately to protect the business c)Discount the action as a possibility because it exceeds her authority d)Consult with higher levels of managementarrow_forwardHow can risk management strategies be applied during the acquisition of information systems, and why are they important?arrow_forwardWhat do you think the most dangerous security threats will be in the next five years? Why? Please give some instances.arrow_forward
- answer question in photo plzarrow_forwardPlease answer fastarrow_forwardSuppose there is a big ABC organization which offers different products for their customers. When the said organization develops the different products for customers, then there is a possibility of different hazards, which may affect the process of development. What type of procedure and process should be follow by management department for risk management to avoid or mitigate the incoming risks, to produce better quality products at the end?arrow_forward
- What are some proven strategies that are effective in preventing cyber-attacks? Submit a Mind Map of your Research paper Use gitmind to create mind map.arrow_forwardUsing a web search engine, find a peer reviewed Journal article with more than 100 citations published that studies the inside versus outside the organization risks and it's APA Style Citation. Also what is the paper about and Which one of the two types is changing and to what is the change attributed? Also Which one of the two types can be better prevented in your point of view and why?arrow_forwardList four examples of which threat actors are generally believed to be the most dangerous threat actors? Explain your answer in your own words. Be sure to list four and two sentences describing why they are considered a threat actor and what harm could they do or note how they might operate and benefit from their actionsarrow_forward
- Explain the primary principle of effective risk mitigation control selection: ensuring the chosen control directly reduces or eliminates a specific threat or vulnerability. Discuss how controls may function through prevention, recovery, or detection mechanisms. How can a comprehensive understanding of the threat landscape and the characteristics of different vulnerabilities inform the selection of tailored and targeted controls? Provide examples of how specific controls address specific threats.arrow_forwardIn this project, design your own case study involving a hypothetical cybersecurity scenario. After coming up with your case outline, you must identify: 1. The various types of stakeholders potentially affected by the case, and the differentstakes/interests they have in the outcome.2. The different types of cybersecurity professionals or practitioners that might be involved in a case like this, and their specific responsibilities.3. The potential benefits and risks of harm that could be created by effective or ineffective cybersecurity practices in the case, including ‘downstream’ impacts.4. The ethical challenges most relevant to this case 5. The ethical obligations to the public that such a case might entail for the cybersecurity professionals involved.6. Any potential in the case for disparate impacts on others, and how those impacts might affect the lives of different stakeholders 7. The ethical best-case scenario (the best outcome for others that the cybersecurity practitioners…arrow_forwardAfter reading examples in the book, provide an example of an asset that is important to you, a threat that could impact that asset and what is the likelihood that asset is vulnerable to that threat?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningManagement Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning