...January 17, 2015 SEC578 Keller Grad School Of Mgmt How do Administrative Controls demonstrate “due care”? To better answer this question lets define “Administrative Controls” and “Due Care.” Administrative Controls can be the defined as direction or exercise of authority over subordinate or other organizations in respect to administration and support, including control of resources and equipment, personnel management, unit logistics, individual and unit training, readiness, mobilization, demobilization, discipline, and other matters, while Due Care is the degree of care that a person of ordinary prudence and reason (a reasonable man) would exercise under given circumstances. With this understanding we can see that Administrative Controls establish the ground work for an employee to understand and be able to do their job in accordance to the company’s policies and procedures. Administrative controls consist of approved written policies, procedures, standards and guidelines. Administrative controls form the basis for the selection and implementation of logical and physical controls. Logical and physical controls are manifestations of administrative controls. Some industry sectors have policies, procedures, standards and guidelines that must be followed – the Payment Card Industry (PCI) Data Security Standard required by Visa and Master Card is such an example. Other examples of administrative controls include the corporate security policy of Gramm-Leach-Bailey (GLB)...
Words: 2056 - Pages: 9
...Week 2: Administrative Controls SE578 – Prof. Joseph Constantini By David Truong (D00571438) 1/18/2013 Table of Contents How do Administrative Controls demonstrate “due care?” 3 How does the absence of Administrative Controls impact corporate liability? 3 How do Administrative Controls influence the choice of Technical and Physical Controls 4 How would the absence of Administrative Controls affects prigects in the IT department 4 Summary 5 Reference 6 How do Administrative Controls demonstrate "due care?" Administrative Controls are guidelines that is set up by management in order to meet the standard that shows that how he company has taken precaution to prevent malicious intent as well as prevention against malicious intent. The controls that are implemented must show a degree in which the process is common and assist in the fortifying the company’s ability to prove its willingness to take action on correcting weaknesses within the company. This idea is also known as “due care.” They must include controls that contribute to individual accountability, ability to audit, and separation of duties. Administrative Controls can be identified with two specific category: detective administrative controls and preventative administrative controls. Ultimately, the purpose of Administrative Controls is to show that the company has taken the necessary precaution, the “due care,” to protect the confidentiality, integrity and availability...
Words: 896 - Pages: 4
...| Administrative Controls | | | Administrative controls are basically directives from the senior management that provide the essential framework for the organizations security infrastructure. Administrative controls consist of the procedures that are implemented to define the roles, responsibilities, policies and various administrative functions that are required to manage the control environment as well as necessary to oversee and manage the confidentiality, integrity and availability of the organizations information assets. Administrative controls can range from very specific to very broad and can vary depending on the organizational needs, particular industry, and legal implications. Administrative controls can generally be broken down into six major categories which include operational policies and procedures, personnel security, evaluation, and clearances, security policies, monitoring, user management, and privilege management. Ultimately, the senior management within an organization must decide what role security will play within the organization and define the security goals and directives. Due care by definition is the care that an ordinary and reasonable person would take over their own property or information. An example of this would for a person to place documents that contain sensitive information such as social security cards, passports, etc. in a locked safe within their home. This measure is taken to ensure that only those individuals with authorized...
Words: 1204 - Pages: 5
...Administrative Controls Paper 1. How do Administrative Controls demonstrate "due care?" Administrative controls demonstrate “due care” because they are controls that meet a standard considered reasonable by most organizations that share similar backgrounds or work environments. Administrative controls that meet the standard of “due care” generally are easily achievable for an acceptable cost and reinforce the security policy of the organization. They must include controls that contribute to individual accountability, auditability, and separation of duties. Administrative controls define the human factors of security and involve all levels of personnel within an organization. They determine which users have access to what organizational resources and data. Administrative controls can be broken down into two categories: preventive administrative controls and detective administrative controls. Preventive administrative controls are techniques designed to control personnel’s behavior to assure the confidentiality, integrity, and availability of organizational information. Some examples of preventive administrative controls are: security awareness and technical training, separation of duties, disaster preparedness and recovery plans, terminating and recruiting procedures, and user registration for computer access. 2. How does the absence of Administrative Controls impact corporate liability? The absence of administrative controls will have a negative impact on corporate liability...
Words: 902 - Pages: 4
...How do Administrative Controls demonstrate “due care?” First, the definition of “due care” is the care that a reasonable man would exercise under the circumstances; the standard for determining legal duty. In the case of an information system, due care is a legal yardstick used to examine whether an organization took reasonable precautions to protect the Confidence, Integrity, and Availability (CIA) of an information system in a court of law. Organizations use Administrative Controls whereas management creates policies, standards and guidelines as well as a training and enforcement programs to ensure that the policies, standards and guidelines are being followed in order to protect the CIA of information within their information system. A lack of administrative controls suggests that management is negligent in understanding its responsibility to protect the information system usually contributing to theft, loss, or aid of a crime. How does the absence of Administrative Controls impact corporate liability? I feel that the absence of Administrative Controls would have a negative impact on corporate liability. If an organization handles Personal Identity Information (PII), whether personal, financial, or medical, they are legally responsible for the safe keeping of this information. Not having administrative controls in place to safeguard this information, an organization could be held liable should theft, loss or aid of a crime occur. Legislative actions such as the Gramm-Leach-Blailey...
Words: 591 - Pages: 3
...This sample template is designed to assist the user in performing a Business Impact Analysis (BIA) on an information system. The template is meant only as a basic guide and may not apply equally to all systems. The user may modify this template or the general BIA approach as required to best accommodate the specific system. In this template, words in italics are for guidance only and should be deleted from the final version. Regular (non-italic) text is intended to remain. 1. Overview This Business Impact Analysis (BIA) is developed as part of the contingency planning process for the {system name}{system acronym}. It was prepared on {insert BIA completion date}. 1.1 Purpose The purpose of the BIA is to identify and prioritize system components by correlating them to the business process(es) the system supports, and by using this information to characterize the impact on the process(es) if the system were unavailable. The BIA is composed of the following three steps: 1. Determine business processes and recovery criticality. Business processes supported by the system are identified and the impact of a system disruption to those processes is determined along with outage impacts and estimated downtime. The downtime should reflect the maximum that an organization can tolerate while still maintaining the mission. 2. Identify resource requirements. Realistic recovery efforts require a thorough evaluation of the resources required to resume business processes and...
Words: 1287 - Pages: 6
...LAW 443 ADMINISTRATIVE LAW I NATIONAL OPEN UNIVERSITY OF NIGERIA SCHOOL OF LAW COURSE CODE: Law 443 COURSE TITLE: Administrative Law I 1 LAW 443 ADMINISTRATIVE LAW I Course Code: Course Title: Course Developer/Writer: Administrative Law I Law 443 Simeon Igbinedion, LL.B., LL.M., B.L., PH.D., Faculty of Law, University of Lagos. Professor Animi Awah Ifidon Oyakhiromen, LL.B, LLM, M.Phil, Ph.D, BL Course Editor: AG. Dean,/Programme Leader: Course Coordinator: Mr. Ayodeji ige, LLM, BL 2 LAW 443 ADMINISTRATIVE LAW I COURSE GUIDE CONTENTS PAGE Introduction ……………………………………………………………………….. 1 What You Will Learn in this Course …………………………………………….... 2 Course Aims ………………………………………………………………………. 3 Course Objectives ………………………………………………………………… 3 Study Units ……………………………………………………………………….. 3-4 Tutor-marked Assignment ……………………………………………………....... 4 References/Further Reading ……………………………………………...……. 4 3 LAW 443 ADMINISTRATIVE LAW I Introduction Consider a situation where your residential property in which you have lived for decades has been demolished by the authorities of the FCT, or the Lagos State Ministry of Environment for allegedly being located in an industrial area. Suppose some customs officers at a checkpoint found you in possession of items which they claim to be contraband and, therefore, seized pursuant to the new Customs policy of zero-tolerance of goods likely to endanger the economic growth or contribute to the...
Words: 42593 - Pages: 171
...How to Find a Proposed Regulation: ASSIGNMENT QUESTIONS: 1a. Make sure you submit a copy of your proposed regulation as an attachment to the Dropbox with this template. The Dropbox allows you to attach multiple documents in the same submission. (5 points) 1b. Identify the administrative agency (full name, not just the acronym) which controls the regulation. Briefly explain why this agency and your proposed regulation interests you. If this proposed regulation will affect you or the business in which you are working, please explain how. It is not required that the proposed regulation affect you professionally or personally. You can use any regulation for this assignment so long as you are able to answer the questions posed here (Questions 1-5). (10 points) Answer: Centers for Disease Control and Prevention (CDC) - This specific agency, and proposed regulation, is of particular interest to me because of my past and future courses of study. My MPH degree was in public health with a concentration in disaster/emergency management so I want to ultimately aide in the education of my community to prevent communicable diseases. In the meantime, while working with medical students and clinical training sites, I am partially responsible for the health clearance of all of the students to ensure that they are able to do their clinical without risk of unnecessary exposure to harmful contagions. 2. Describe the proposal/change in your own words. (10 points) Answer: Influenza...
Words: 1143 - Pages: 5
...State the administrative agency which controls the regulation. Explain why this agency and your proposed regulation interests you (briefly). Will this proposed regulation affect you or the business in which you are working? If so, how? The administrative agency that controls this regulation is the Alcohol Tobacco Firearms and Explosives Bureau (The ATF), whose parent agency is the Department of Justice. This agency and its proposed regulation interests me because I am a supporter of the second amendment and I am opposed of any regulations that seek to limit the second amendment. I do not own any firearms, nor do I expect to receive any firearms in the immediate future, but my fiance’s father owns many firearms and, in the future, when he passes away, those guns are likely to be transferred to her and this legislation will affect that transfer by requiring the receiver of those firearms to verify that they are a “responsible person” This regulation will not affect the business in which I am working. That business is Verizon Wireless, which does not deal in any firearms (at least to my knowledge). I am interested in this subject from a purely academic point of view. Describe the proposal/change. This regulation would require a person legally receiving a firearm (ostensibly someone receiving it as a gift or as part of an inheritance) to prove that they are a “responsible person”, furthermore this “responsible person” would have to complete a form and submit photographs and...
Words: 796 - Pages: 4
...1. State the administrative agency that controls the regulation. Explain why this agency and your proposed regulation interest you (briefly). Will this proposed regulation affect you, or the business in which you are working? If so, how? Submit a copy of the proposed regulation along with your responses to these five questions. The proposed regulation can be submitted as either a separate Word document (.doc) or Adobe file (.pdf). This means you will submit two attachments to the Week 2 Dropbox: (a) a Word document with the questions and your answers, and (b) a copy of the proposed regulation you used for this assignment. (10 points) The administrative agency that controls the specific regulation that I select is, “Office of the Secretary, Department of Defense (DoD).” Regulation: Child Development Programs (CDPs) ACTION: Interim final rule. This agency and the proposed regulation interest me because of my time spent in the military. While serving my country for I had seen many different changes take place due to new regulations imposed to the military by the DOD. In this case, the regulation is one that would have affected me if I was still in. CDP’s are of critical importance to the men and women that serve our country. Knowing that are government is attempting to increase the current level of assistance is gives CDP’s would be a big win for the government and the children and parents that will be impacted. 2. Describe the proposal/change. (10 points) The proposed...
Words: 1249 - Pages: 5
...WHAT IS ADMINISTRATIVE LAW? Broadly, AL might be defined as the legal control of govern’t More narrowly, AL consists of those legal principles at define the authority and structure of administrative agencies, specify the procedures agencies must follow, determine the validity of administrative decisions and define the role of reviewing courts and other organs of govern’t in relation to a.a. Each particular field of regulation has its corresponding substantive and procedural law. AL as such deals with the general principles and rules that cut across the particular substantive fields and apply t a.a. generally. These principles include 3 basic bodies of law: (1) constitutional law; (2) statutory law, including above all the APA; (3) a form of federal com mon law, embodied in judicial decisions that do not have a clear constitutional or statutory source. REGULATION Aa are engaged in regulation. Regulatory agencies develop and enforce prohibitions or obligations with which private firms and/or individuals must comply (some agencies aren’t regulatory, but benefactor: they’re engaged in disbursing govern’t benefits). PROBLEMS THOUGHT TO CALL FOR (ADMINISTRATIVE) REGULATION One can imagine a govern’t without agencies, but no govern’t can avoid “regulation”. The common law is in fact a regulatory system, although outside the definition set out above: it depends on the creation and enforcement , by law, of a set of rights, notably those creating private property and enforceable...
Words: 1898 - Pages: 8
...Dorothy Scroggins GM520 - Week 2 Assignment Administrative Law Assignment SEP10 1. State the administrative agency which controls the regulation. Explain why this agency and your proposed regulation interests you (briefly). Will this proposed regulation affect you or the business in which you are working? If so, how? I chose the Department of Public Safety, Division 45: Missouri Gaming Commission, Chapter 5: Conduct of Gaming. One of the many benefits Casinos love to share is that money from their profits will go to a public school fund. 2. Describe the proposal/change. The Gaming Commission is proposing an amendment to 11 CSR 45-5.051, Minimum Standards for Blackjack. The amendment will allow a floor supervisor (Pit-Boss) may direct the dealer to shuffle the cards after any round of play is completed and all wagers have been resolved. It won’t affect me directly but depending on how the Pit-Boss uses this internal control method, it could help or harm the Fund that is generated for Public Schools. Shuffling the cards in the middle is a deck is used to stop the current momentum. If the player(s) at the table are hot then this can break a streak that is cutting into the Casino’s profits. In this case it’s a win for the Public School Fund. 3. Write the public comment which you would submit to this proposal. If the proposed regulation deadline has already passed, write the comment you would have submitted. Explain briefly what you wish to accomplish with your...
Words: 669 - Pages: 3
...Week 2 Homework Help 1. State the administrative agency which controls the regulation. Explain why this agency and your proposed regulation interests you (briefly). Will this proposed regulation affect you or the business in which you are working? If so, how? Submit a copy of the proposed regulation along with your responses to these five questions. The proposed regulation can be submitted as either a separate Word document (.doc) or Adobe file (.pdf). This means you will submit two attachments to the Week 2 Dropbox: (1) a Word doc with the questions and your answers and (2) a copy of the proposed regulation you used for this assignment. (10 points) Interstate Commerce Commission (ICC) regulated interstate surface transportation between 1887 and 1995. This interests me because of the changes of transportation. Yes, it does affect me because they are doing price controls and entry controls on the collective vendor’s price setting in the United States transportation. 2. Describe the proposal/change. (10 points) It is regulated through varies transportation modes starting with the railroad industry and later the trucking and airline industry. 3. Write the public comment which you would submit to this proposal. If the proposed regulation deadline has already passed, write the comment you would have submitted. Explain briefly what you wish to accomplish with your comment. (10 points) Deregulation—freeing up the trucking market to permit much more flexible pricing and service...
Words: 269 - Pages: 2
...Week 2 Homework – Administrative Law Assignment State the administrative agency which controls the regulation. Explain why this agency and your proposed regulation interest you (briefly). Will this proposed regulation affect you or the business in which you are working? If so, how? Submit a copy of the proposed regulation along with your responses to these five questions. The proposed regulation can be submitted as either a separate Word document (.doc) or Adobe file (.pdf). This means you will submit two attachments to the Week 2 Dropbox: (a) a Word document with the questions and your answers and (b) a copy of the proposed regulation you used for this assignment. (10 points) Department of Health and Human Services – Food and Drug Administration As an independent pharmaceutical representative currently contracted with a company who manufactures, markets and samples prescription drugs for colds, coughs and allergies this will have a significant impact on my prescription product line. 2. Describe the proposal/change. (10 points) The proposal will no longer allow the marketing, production, distribution and or sell of unapproved FDA prescription drugs for colds, coughs and allergies. 3. Write the public comment that you would submit to this proposal. If the proposed regulation deadline has already passed, write the comment you would have submitted. Explain briefly what you wish to accomplish with your comment. (10 points) My comment is that although these drugs...
Words: 953 - Pages: 4
...Deregulation, 4. Intellectual Property Protection 5. Human Rights 6. International Trade Policy 7. Regulation & Anti-trust 8. Activist Pressures 9. Media Coverage of Business 10. Corporate Social Responsibility & 11. Ethics Management & Managers is both responsible for formulating and implementing nonmarket as well as market strategies. Market Environment determines significance of nonmarket issues to the firm. Nonmarket Environment shapes opportunities in the marketplace. Market Environment Nonmarket Environment a) Competitive a. Competitive b) Performance is determined by competition among firms as directed by their market or competitive strategies. b. Legislation, regulation, administrative...
Words: 1536 - Pages: 7