Free Essay

Hw #3 Yummy Good Treats Scope Analysis

In:

Submitted By yaneth14
Words 561
Pages 3
1) Define the scope of the analysis

2) Identify assets for review

• Who will be involved? Is good to have a team set up that includes business personnel, because an information security team usually does not know the business processes and will focus their efforts on specific threats and technology and then would not be able to justify the need for new security products. Whereas business personnel will know their processes and what data is important for them, but most likely have little knowledge of the technology supporting their processes. • What will they do? they should be able to establish that protecting data is the primary goal of Yummy Good Treats and that all of the people processes, hardware, software and other technology are tools used to do view/modify the data. • What are the expected outcomes? Once the assessment is understood and sensitive data elements are identified, it is time to bring teams together to link business processes that access the sensitive data and the technology used to support those processes and evaluate where risks are present. Once this is complete the teams can define and evaluate controls that are appropriate for the protection of the data. • What will be done based on the outcomes? Once the sensitive data elements and needed security controls are identified, the teams can define and evaluate new controls that are appropriate for the protection of the data. • Why is this step important in the risk assessment? I consider this step to be very important because it is the step where all the assets are identified so that they can be properly secured. 3) Evaluate the importance of the organization’s assets

4) Identify assets threats and vulnerabilities

• Who will be involved and what will they do? Accountants who take care of financial information, including market assessments and Yummy Good Treats own financial records; also, all database administrators that have access to customer information, including confidential information that Yummy Good Treats hold on behalf of customers. • What are the expected outcomes? A plan should be developed against: a. Physical loss of data. Yummy Good Treats may lose immediate access to data for reasons ranging from natural disasters, accidents and/or disk failure, b. Interception of data in transit. This risk can include, but is not limited to, data transmitted between company sites, between employees, partners located at home or other locations. c. Data integrity. Intended modification of data that could help a third party or unintentional corruption that might be due to a software error that overwrites valid data. • What will be done based on the outcomes? a. Relationships with vendors and partners should be defined, who these organizations are and what kind of data you might exchange with them; as well as the protocols they should follow to protect Yummy Good Treats’ data. b. Making sure that all virus protection are up to date and scanning email, Web content, and file transfers for malicious content. c. Establish authentication, authorization, and accountability procedures for issuing and revoking accounts • Why is this step important in the risk assessment? This important because other than identifying the important assets of Yummy Good Treats, it also establishes countermeasures to protect these assets by defining protocols on how all data should be managed. 5) Develop a risk profile for the assessed environment 6) Determine a risk reduction plan for the environment

Similar Documents

Free Essay

The Origins and Development of the English Language (Textbook)

...THE ORIGINS AND DEVELOPMENT OF THE ENGLISH LANGUAGE This page intentionally left blank THE ORIGINS AND DEVELOPMENT OF THE ENGLISH LANGUAGE SIXTH EDITION ± ± John Algeo ± ± ± ± ± Based on the original work of ± ± ± ± ± Thomas Pyles Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States The Origins and Development of the English Language: Sixth Edition John Algeo Publisher: Michael Rosenberg Development Editor: Joan Flaherty Assistant Editor: Megan Garvey Editorial Assistant: Rebekah Matthews Senior Media Editor: Cara Douglass-Graff Marketing Manager: Christina Shea Marketing Communications Manager: Beth Rodio Content Project Manager: Corinna Dibble Senior Art Director: Cate Rickard Barr Production Technology Analyst: Jamie MacLachlan Senior Print Buyer: Betsy Donaghey Rights Acquisitions Manager Text: Tim Sisler Production Service: Pre-Press PMG Rights Acquisitions Manager Image: Mandy Groszko Cover Designer: Susan Shapiro Cover Image: Kobal Collection Art Archive collection Dagli Orti Prayer with illuminated border, from c. 1480 Flemish manuscript Book of Hours of Philippe de Conrault, The Art Archive/ Bodleian Library Oxford © 2010, 2005 Wadsworth, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including...

Words: 164520 - Pages: 659