Preview

Is305 Project 1

Satisfactory Essays
Open Document
Open Document
2310 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Is305 Project 1
IS305 Managing Risk in Information Systems PROJECT
Project
Project: Risk Management Plan
Purpose
This project provides an opportunity to apply the competencies gained in the units of this course to develop a risk management plan for a specific business problem related to an organization's identification of an outdated plan.
Required Source Information and Tools
The following tools and resources that will be needed to complete this project: Course textbook Internet access for research Defense Logistics Agency: www.dla.mil Project text sheet
Learning Objectives and Outcomes
You will gain an overall understanding of risk management, its importance, and critical processes required when developing a formal risk management plan for an organization.
Project Logistics
The project is divided into three major deliverables and four smaller assignments as detailed below:

Activity Name |Assigned |Due |% |
|||Grade |
Project Part 1 |Unit 3 |Unit 7 |11 |
Project Part 1 Task 1: Draft Risk Management Plan |Unit 3 |Unit4 |5% |
Project Part 1 Task 2: Risk Assessment Plan |Unit 5 |Unit6 |3% |
Project Part 1 Task 3: Risk Mitigation Plan |Unit 6 |Unit 7 |3% |
Project Part 2 |Unit 7 |Unit 10 |10 |
Project Part 2 Task 1: Introduction and Business Impact |Unit 7 |Unit 8 |5% |
Analysis Plan ||||
Project Part 2 Task 2: Business Continuity Plan (BCP) |Unit 8 |Unit 9 |3% |
Project Part 2 Task 3: Disaster Recovery Plan (DRP) |Unit 9 |Unit 10 |2% |
Project Part 2 Task 4: Computer Incident Response |Unit 10 |Unit 11 |2% |
Team (CIRT) Plan ||||
Risk Management Plan Final Submission |Unit 3 |Unit 11 |8% |

Copyright 2010 ITT Educational Services, Inc.
All Rights Reserved.

-84-

Change Date: 07/19/2010

IS305 Managing Risk in Information Systems

GRADED ASSIGNMENTS

I have compared and contrasted my position with the perspectives offered by my peers D
and
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Good Essays

    Is3110 Unit 4
    • 406 Words
    • 2 Pages

    Is3110 Unit 4

    If the project is completed on time then there is no risk for completion. All of the regular risks that apply to a project built on time apply to this one regardless of whether you are building a new infrastructure or modifying an older one. If the project is finished one month early, the quantitative risk really does not exist. It is basically comparable to completing the project on time. Since the project is quoted at 3 million dollars it will stay the same regardless of how fast the project is finished. However, you may see differences. When you rush a project this large you could possibly cut corners or receive poor quality results. If the project is finished two months late there are additional risks. If the company expects to make $20 million dollars annually, and assuming that the 4% penalty is levied against this yearly figure and not within smaller period of time, one month late means that US Industries Incorporated loses $800,000 annually. There doesn't appear to be any additional risk, however, further penalties and the possible eventual loss of the contract to a competitor could result in a poor product. There again appears to be no real quantitative risk involved if the project is finished a month early with the security requirements. If the originally quoted $3 million dollars remains the same regardless of how fast the project is finished and not coupled with hourly or daily wages, then there is nothing to lose financially. However the companies go beyond the required 1.5% completion benchmarks that the contract demands. Rushing a project of this scale also comes with rushed results possibly cut corners or poor quality. The credibility of the company is at stake with such a high profile, high income project such as this, and it is important to use all of the time available to ensure the best product is on display for any customer. The finished project should meet both the time and security requirements but not the service agreement. There does not…

    • 406 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    Is3440 Project Part 1
    • 3157 Words
    • 13 Pages

    Is3440 Project Part 1

    First World Savings and Loan is a financial institution that processes credit card transactions and loan applications online. We are currently considering implementing an open source infrastructure. This could potentially save us over $4,000,000 per year in licensing fees for the software we are currently using. However, due to our business needs; we must still comply with the Sarbanes-Oxley Act (SOX), Payment Card Industry - Data Security Standard (PCI-DSS), and the Gramm-Leach-Bliley Act (GLBA). We must comply with SOX, because we are a publicly-traded financial institution; PCI-DSS, because we process online credit card transactions; and GLBA, because we are a financial institution. All of the regulations of these three compliancy laws must be met, while still maintaining the Confidentiality, Integrity, and Availability (CIA) triad.…

    • 3157 Words
    • 13 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Is3120 Unit 2 Assignment 2
    • 304 Words
    • 1 Page

    Is3120 Unit 2 Assignment 2

    Given the speeds of today’s Ethernet and the progression of the speeds, 10 to 100Gigs over 8 years and 100Gig to 1Tb since, transmission rate will double again in about 8 years. Although this seems true, I read that Ethernet fabric will rival fiber optic transmission capabilities. We must keep in might that a network is only as fast as its slowest component. This means computers will have to continue to get faster at processing requests and switches and routers will have to analyze and forward data packets at a higher speed to keep up with the evolution of Ethernet.…

    • 304 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS3445 Project part 1
    • 317 Words
    • 1 Page

    IS3445 Project part 1

    First off e-commerce is one of the best things for business whether you have your whole business through the web or partly. If you have a physical store, you are limited by the area that you can sell your product or offer service. An ecommerce website opens your business to the world. In addition to these two drivers,online retail is also driven by traffic from search engines. One of the most important positives of ecommerce is the lowered cost. A part of these lowered costs could be passed on to customers in the form of discounted prices. Advertising and marketing is global and you get a better buying market. For personnel use the automation of checkout, billing, payments, inventory management, and other operational processes, lowers the number of employees required to run an ecommerce setup. last but not least Real estate, the store does not need a prominent physical location. you can Locate the Product Quicker, eliminate travel time and cost, provide comparison shopping, also cross reference deals, bargains, coupons, and group buying.if you do open a e-business vulnerabilities that need to be taken into account if you decide to create an e-commerce site is security internal and external. Hackers attempting to steal customer information or disrupt the site or server containing customer information that is stolen. Also Imposters can mirror your ecommerce site to steal customer's money. authorized administrators/users of an ecommerce website downloading hidden active content need to watch the attacks on ecommerce system. Scans should be frequently done on your server. this will help identify any malicious programs that may be running worms, viruses or Trojan horses. Limited user access will ensure that you know exactly who has access to your ecommerce system and assign each user with unique access authentication method.…

    • 317 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS3230 Final Project
    • 687 Words
    • 2 Pages

    IS3230 Final Project

    Integrated Distributors Incorporated is facing a lot of challenges. The IT infrastructure has a lot of outdated hardware and software in multiple locations. This greatly increases security risks and exposes confidentiality, integrity, and availability. Some network compromises have ensued due to the outdated hardware and software. Sensitive and strategic information has been leaked to the public and it is time we put an end to this.…

    • 687 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS3220 Final Exam
    • 700 Words
    • 4 Pages

    IS3220 Final Exam

    7. Personnel should be authenticated and authorized prior to being granted access to company’s information resources. This statement is an example of ________________?…

    • 700 Words
    • 4 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS4560 part 6
    • 474 Words
    • 2 Pages

    IS4560 part 6

    My defense plan at AHC will include a counter attack from external and internal threats; the vulnerability and security threats that exist inside AHC IT infrastructure. In order the deal with these kinds of threats, we will need to train and create and incident report and handling plan with our IT management. I will also help them to create and implement a more secure and dependable Disaster recovery plan that will be available somewhere offsite. My team will setup an incident guideline and procedure that AHC can follow whenever the system is breach or any kind of natural disaster occurred. Some of these examples are Malware, viruses, worms, Trojans and hacking attacks take place or security breach from an inside employee. The external attackers can be counter by our Intrusion detection systems but can be block by our firewall and Intrusion prevents systems. We will fortify our application securities as well with the implementation of a strong access control list. This is an outline we will Use TCP/IP and IPsec filters for defense in depth. Configure IDS to prevent information disclosure through banner grabbing. Use IDS that can be configured to pick up foot printing patterns and reject suspicious traffic. You can put tight constraints on user inputs. But the best method of preventing SQL injection is to avoid the use of dynamically generated SQL in your code. Instead use stored or canned procedures. Raising security awareness also help members of an organization possess regarding the protection of the physical and especially, information assets of that organization. Many organizations require formal security awareness training for all workers when they join the organization and periodically thereafter, usually annually. I will set the router and firewall ACLs to block all inbound access that is not specifically required, especially to the windows specific ports. Always ensure that…

    • 474 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS3230 Unit 3 Assignment 1 Chris Wigint
    • 288 Words
    • 2 Pages

    IS3230 Unit 3 Assignment 1 Chris Wigint

    The data classification policy is intended to provide a framework for classifying a company’s data based on its level of sensitivity. Data classification entails analyzing the data an organization retains, determining its importance and value, and then assigning it to a category. Data is classified to help determine baselines for security controls in that will be implemented to protect the data.…

    • 288 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    IS3445 Project Part 4
    • 565 Words
    • 2 Pages

    IS3445 Project Part 4

    The security of a web application should become top priority when it comes to ensuring the security of the information that the application contains. When we, as an organization, think of security, we should all think of ways that the attacker would attempt to breach the application in order to gain access to the network, or exploit the vulnerability to his or her own benefits. There are many weaknesses pertaining to web applications, and these weaknesses each have an attack associated with it, with the attacker having his or her own motivation for the attack. The attacker’s motivation deeply depends on the type of attack that has occurred at that time. Listed below is a list of the common weaknesses and attacks associated with e-commerce and social networking applications.…

    • 565 Words
    • 2 Pages
    Good Essays
    Read More
  • Good Essays

    IS3120 Full Review
    • 4277 Words
    • 18 Pages

    IS3120 Full Review

    Increase organizational revenue (and the bottom line) –increase the customer base and retain new and existing customers to increase overall revenue…

    • 4277 Words
    • 18 Pages
    Good Essays
    Read More
  • Good Essays

    Project for IS3350
    • 588 Words
    • 3 Pages

    Project for IS3350

    You will gain an understanding of the aspects involved in the conception, enforcement, and implementation of security policies. You will also gain insight to risk analysis and will learn how to respond to any given situation that might arise from a violation of those security policies.…

    • 588 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    IS3120 Unit 3
    • 650 Words
    • 2 Pages

    IS3120 Unit 3

    speeds of at least 100 megabits per second and actual upload speeds of at least 50…

    • 650 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS3350 Unit 7 Discussion 1
    • 250 Words
    • 1 Page

    IS3350 Unit 7 Discussion 1

    Violating my copyright privileges is definitely not a good thing. I am all for sharing music. If music was not shared, some of the smaller acts would never be recognized. As for my scenario my employment and income is based off of music sales. In this case I am not okay with it.…

    • 250 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    IS3230 Unit 1 Assignment 2 Chris Wigint
    • 407 Words
    • 1 Page

    IS3230 Unit 1 Assignment 2 Chris Wigint

    The U.S. Federal and State compliance laws in regards to data protection affect all financial institutions in that non-compliance will result in fines and penalties. ABS Financial Solutions handles sensitive data for many credit unions and without regulations governing data security there would be no repercussions when private information is mishandled, lost or stolen. ABS understands their responsibility for protecting their client’s data and the threat of the retribution both federal and civil for non-compliance ensures they take appropriate security precautions.…

    • 407 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Disaster Recovery Plan
    • 614 Words
    • 3 Pages

    Disaster Recovery Plan

    Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP.…

    • 614 Words
    • 3 Pages
    Satisfactory Essays
    Read More