CMGT 582 Assignment Audit of the HR Department

FOR MORE CLASSES VISIT www.cmgt582study.com

You are part of a team that has been selected by the Chief Information Officer (CIO) to perform an audit of the HR Department. Create a 10- to 12-slide presentation (not including the title and reference slides) that examines the specific audit steps that should be performed to evaluate the following areas:

· Handling of ethical issues, including security-related legal/regulatory compliance (non-privacy related), intellectual property and licensing
· Compliance with privacy-related laws and regulations
· Adequacy of security policies and security awareness training
· Identification of security-related risks/threats

Include a minimum of two audit steps for each of the areas listed above. The audit steps should use the following format:

· Area: From the list above
  · Example: Security-related risks/threats
· Potential Risk to be Reviewed: Describe the risk
  · Example: Viruses and malware can negatively impact the confidentiality, integrity, and availability of organizational data
· Evaluation of Tools and Methods: Describe the control objective and the specific controls you will evaluate to determine whether the potential risk is mitigated. Please note that typically, there will be more than one control that should be reviewed for a potential risk.
  · Example: Determine whether anti-virus software is in use
  · Example: Determine whether virus signatures are periodically updated
  · Example: Determine whether periodic virus scans are performed
· Criteria/Measures to be Used: Describe the criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., what criteria will you use to perform your evaluation/how will you determine that the risk has been mitigated to an acceptable level).
  · Example: 100% of servers and PCs have virus software installed
  · Example: 100% of the virus software installed is set to automatically update, including virus signatures
  · Example: 100% of the virus software installed is set to automatically perform a scan at least weekly

Your grade on the assignment will be based on how well you address:

· The identification of potential ethical, legal/regulatory, privacy, and security-related issues (20%)
· The evaluation of the tools and methods used to mitigate any ethical, legal/regulatory, and privacy-related issues identified, as well as the tools and methods used to perform the review steps (20%)
· The evaluation of the tools and methods used to mitigate any security-related issues identified, as well as the tools and methods used to perform the review steps (25%)
· Criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., how will you determine that the risk has been mitigated to an acceptable level) (20%)
· Quality of written communication
· Use of APA format/style

Include a 1/2- to 1-page executive summary and support your presentation with appropriate references.

==============================================

CMGT 582 Week 1 Individual Assignment Getting Involved

Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research.

· Watch the "Fostering Collective Responsibility for IT Risk" video.
· Watch the "Balancing Security with User Convenience" video.
· Complete the "Introduction to Information Security Governance" topic of the Skillsoft® course "CISM 2012: Information Security Governance (Part 1)."

Assignment:

Situation: You have just joined an organization that depends on the use of the web to perform most of its major tasks. You have noticed that information security is mostly ignored by those performing the work tasks and it is not a priority with management or executive leadership.

Write a 1- to 2-page memo to the Chief Executive Officer (CEO) that is designed to increase the priority of information security. Include a convincing argument of why the survival of the organization may depend on information security.

Include these topics:

· Confidentiality, integrity, and availability
· Authenticity
· Accountability
· Threats from malicious software
· Security challenges of cloud computing
· Cyberterrorism and information warfare

==============================================

CMGT 582 Week 2 Individual Assignment Security Within My Organization

Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research.

· Watch the "Technology and the Impact on Business and the Environment" Skillsoft video.
· Complete the "Defining law and ethics" point of the topic "The Relationship Between Law and Ethics" of the Skillsoft® course "Business Law and Ethics."
· Complete the "Recognize the Effect of Laws and Regulations on Audit Planning" point of the topic "Management of an IS Audit Function" of the lesson "Information Systems and the IS Audit Function" of the Skillsoft® course "CISA Domain: The Process of Auditing Information Systems - Part 1."

Write a 3- to 4-page analysis of ethical considerations for maintaining confidentiality and customer data.

Address the following issues in your analysis:

· Define ethics.
· Apply ethics to information systems.
· Discuss the constituent parts of IT/IS professional ethics.
· Connect or relate the discussed constituent parts into an overall structure that may relate to an IT/IS code of conduct or ethics.
· Discuss the rules produced by the Ad Hoc Committee on Responsible Computing.
· Describe the privacy regulations or laws related to the identified ethical issues.

==============================================

CMGT 582 Week 3 Assignment Privacy with Ethics Considerations


Create a 10- to 12-slide presentation evaluating the three areas of privacy issues specific to FERPA, HIPAA, and EEA. Develop scenarios in all of the three areas that you feel are most important to the recipients protected by these laws and the methodology used in each. Include how each of these laws affects the requirements of companies or colleges and how each manages their security strategy to enforce compliance. Compare the effectiveness of each industry's efforts to ensure privacy issues are addressed and protected.

Address and comment on the following issues in your analysis:

· Define privacy in the three areas
· Apply privacy and privacy protection to Information Systems
· Repercussions to the companies protected by the three laws
· Differences in the protection methodologies used by the 3 industries represented by these laws
· Differences in security strategies used by the three industries
· Describe how these three laws can change a company's security policies and mitigation plans
· Explain why public corporations have the same privacy issues (for intellectual property) as people do (for personal information)
· Conclude your assignment with ideas regarding how each law can be improved

Include detailed speaker notes within your presentation.

==============================================

CMGT 582 Week 3 Individual Assignment Risk Assessment

Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research.

· Watch the "QuickTalks: David Bach: Nonmarket Strategy: The Next Frontier of Competitive Advantage" Skillsoft® video.
· Complete the "Intrusion Prevention Technologies" topic of the lesson "Understanding IPS Fundamentals" in the Skillsoft® course "Cisco IINS 2.0: Implementing IPS."
· Complete slides 1 to 3 of the "Risk Response Strategies" topic of the Skillsoft® lesson "Plan Risk Responses" of the course "Risk response and Control (PMBOK® Guide Fifth Edition)."

Prepare a 3- to 5-page risk assessment of your organization or an organization with which you are familiar. Include how the formula for risk can be applied to the organization. Describe how risk assessment is related to security controls or safeguards.

Include in your assessment the following steps from Figure 14.3, Risk Assessment Methodology, of the Stallings and Brown textbook Computer Security (p. 478):

· System characterization
· Threat identification
· Vulnerability identification
· Control analysis
· Likelihood determination
· Impact analysis
· Risk determination

==============================================

CMGT 582 Week 4 Individual Assignment Technologies and Methodologies Evaluation

Assignment Preparation: Activities include watching the SkillSoft® videos, completing the SkillSoft® course, independent student reading, and research.

· Watch the "Creating an Actionable Risk Management Strategy" SkillSoft® video.
· Complete the "Network Security Appliances and Methods" topic of the Skillsoft® course "CompTIA Network+ 2012: Network Security Part 3."
· Complete the "Firewalls, IDS and Network Security Solutions" topic of the Skillsoft® course "CompTIA Network+ 2012: Network Security Part 3."

Consider information management risks to include cybercrime and cyber-related crimes. Write a 3- to 5-page evaluation of security technologies and methodologies used to mitigate information management risks. An evaluation is generally based on specific criteria and standards.

Include at least the following:

· Firewalls
· Intrusion prevention systems
· Intrusion detection systems
· Access control
· Cryptographic tools and processes

==============================================

CMGT 582 Week 5 Assignment Mitigating Information Management Risk

Consider information security risks, including:

· Cybercrime and cyber-related crimes
· Social engineering
· Mobile computing
· BYOD (Bring your own device)

Write a full 3-page evaluation (not including the title and reference pages) of security technologies and methodologies that can be used to mitigate each of the above information security risks. Support your paper with appropriate references and follow APA format.

Include the following for each type of risk:

· Description of the risk
· Security technologies and methodologies that can be used to mitigate them
· Rationale describing how the risks are mitigated to an acceptable level

Include a Turnitin report.

Submit your assignment and Turnitin report using the Assignment Files tab.

==============================================


CMGT 582 Week 5 Individual Assignment Policy Implementation Presentation

Assignment Preparation: Activities include completing the SkillSoft® course, independent student reading, and research.

· Complete the "Security Policy Documents and Life Cycle" topic of the Skillsoft® course "SSCP Domain: Security Operations and Administration Part 1."
· Complete the "Risk Management and Regulatory Compliance" topic of the "Security Policies and Life-Cycle Approach" lesson of the Skillsoft® course "Cisco IINS 2.0: Security and Strategies."

Consider security planning policies, procedures, and models to include multilevel and cryptographic processes.

Prepare a 10- to 12-slide presentation.

Include the following:

· Description of security planning policies
· Description of how human resources security is included in security planning
· Description of how cryptographic tools may be included in security planning
· Application of security planning policies to manage security
· Evaluation of how specific policies are used to implement security plans

==============================================

CMGT 582 Week 5 Individual Assignment Policy Implementation

Assignment Preparation: Activities include completing the SkillSoft® course, independent student reading, and research.

· Complete the "Security Policy Documents and Life Cycle" topic of the Skillsoft® course "SSCP Domain: Security Operations and Administration Part 1."
· Complete the "Risk Management and Regulatory Compliance" topic of the "Security Policies and Life-Cycle Approach" lesson of the Skillsoft® course "Cisco IINS 2.0: Security and Strategies."

Consider security planning policies, procedures, and models to include multilevel and cryptographic processes.

Write a 3- to 5-page paper.

Include the following:

· Description of security planning policies
· Description of how human resources security is included in security planning
· Description of how cryptographic tools may be included in security planning
· Application of security planning policies to manage security
· Evaluation of how specific policies are used to implement security plans

==============================================

CMGT 582 Week 6 Individual Assignment Systems Development Life Cycle (SDLC)

Assignment Preparation: Activities include completing the SkillSoft® course, independent student reading, and research.

· Complete the "Information Risk Management Overview" topic of the "Information Risk Management Program" lesson of the Skillsoft® course "CISM 2012: Information Risk Management and Compliance (Part 1)."
· Complete the "Auditing and Testing IS Security" topic of the "Auditing Internal and External Security" lesson of the Skillsoft® course "CISA Domain: Protection of Information Assets - Part 2."

Consider the systems development life cycle (SDLC), security systems life cycle, and information systems security certification and accreditation. Write a 3- to 5-page evaluation of the use of the security life cycle.

Include the following:

· All six phases
· Review of steps unique to the security life cycle, not in common with SDLC
· Applicable criteria and standards, such as certification and accreditation, used in your evaluation

==============================================
