You are part of a team selected by the Chief Information Officer (CIO) to perform a security audit for one of the companies explored in this course:
Vampire Legends (Wk 1)
Cruisin’ Fusion (Wks 2–3)
Devil’s Canyon (Wks 4–5)
Create a 10- to 12-slide presentation (not including the title and reference slides) that shows the results of your security audit based on the following audit process:
Potential Risk to be Reviewed: Describe the risk.
Example: Viruses and malware can negatively impact the confidentiality, integrity, and availability of organizational data.
Regulation and Compliance Issues: Analyze how regulations and compliance issues could impact the organization.
Provide a detailed analysis of regulations and compliance issues, beyond the simple explanation in score point two.
Regulation and Compliance Resources and Tools: Analyze what resources and/or tools are available to address regulations and compliance issues.
Describe the control objective and the specific controls you will evaluate to determine potential risk is mitigated. Please note that typically, there will be more than one control that should be reviewed for a potential risk.
Example: Determine whether anti-virus software is in use.
Example: Determine whether virus signatures are periodically updated.
Example: Determine whether periodic virus scans are performed.
Provide a detailed analysis of the resources and/or tools available, beyond the simple explanation in score point two.
IT Security – Processes and Methods: Differentiate between the various processes and methods involved in management of IT security resources.
Review the various options available to address those processes and methods previously explained, and which ones might be feasible.
IT Security – Measures: Analyze the various security measures that could be taken within the organization.
Demonstrate a detailed understanding of what the alternatives are to approach security, how much security is needed, different methods to employ, etc.
Describe the criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., what criteria will you use to perform your evaluation/how will you determine that the risk has been mitigated to an acceptable level).
Example: 100% of servers and PCs have virus software installed.
Example: 100% of the virus software installed is set to automatically update, including virus signatures.
Example: 100% of the virus software installed is set to automatically perform a scan at least weekly.
Include a 1/2- to 1-page executive summary to support your presentation. This may be a slide in the presentation. Include appropriate references.
Note: The title page/slide and reference page/slide do not count toward the assignment length requirement
Part A: Role Playing Simulation: Vampire Legends.
As the acting chief information officer (CIO), I will provide strategy and budget for the game This issue will be achieved by breaking down the budget report and choosing an allocation strategy for risks as well as expenses that will be involved, I will start by identifying what the best advertising campaign would be and analyze any threats that would be related to information security, for the point of action that would be for each threat. I will ensure the budget is clear by showing how each dollar will be spent. The budget will help us feel more in control of our finances and make it easier to save more money for our goals. I will follow a simple process based on the risks and expenses, involving calculating our net income, tracking our spending, setting a more realistic goal, planning, adjusting our spending to stay on budget, and finally, reviewing the budget to ensure it’s sustainable.
The sequel to Vampire Legends budget will entail a marketing campaign, IT, Digital Rights Management, and salary increase expenses. They will cost $3, $3, $2, and $2, totaling $10. It requires a lot of hard work, time, and money. To ensure this will not be a problem, I will identify an advertising campaign involving generating exciting content online by releasing well-composed trailers to attract more viewers. This will make the sequel look more like a documentary rather than a traditional film. The table shows commonly identified information security threats and possible courses of action to deal with software attacks, I would recommend we train our staff regularly, always keep our software and systems fully up to date, back up our data, and install a Firewall. To prevent Intellectual Property Theft, I recommend keeping our operating systems and all software up to date. Lastly, all staff will be trained to identify spear-phishing and ensure systems have an appropriate firewall and antivirus technology.
Part B: Memo to the Chief Executive Officer.
To: Chief Executive Officer.
From: Britney Jackson
Subject: SUMMATIVE ASSESSMENT: VAMPIRE LEGENDS.
This memorandum aims to discuss the Vampire Legendsconflict to show the relationship between ethics and its success
Analysis of Components of Information Security: The sequel to Vampire Legends budget will entail marketing campaign, IT, Digital Rights Management, and salary increase expenses, and they will cost $3, $3, $2, and $2, respectively, a total of $10. The best advertising campaign will generate exciting content online by releasing well-composed trailers to attract more viewers. This will make the sequel to Vampire Legends look more like a documentary than a traditional, fictionalized scary film.
The table below shows the identified information security threats and also its possible course of action.
Information security threats
Possible course of action.
The organization will train staff to keep software and systems entirely up to date, ensure it back up all data, and install a Firewall.
Theft of intellectual property
The organization will keep its operating systems and all its software up to date.
All staff will be trained to identify spear-phishing and ensure systems have an appropriate firewall and antivirus technology.
Role of Ethics: each visionary organization is supposed to have an ethical code that guides it to make informed decisions, become productive, gain competitive advantage, and maintain a good public image. Eccles, Ioannou & Serafeim (2012) “suggest that a company that has established behavioral policies can improve its reputation and help ensure its long-term success”. Vampire Legends aims to develop the proper ethics and behavior in the workplace acceptable and unacceptable amongst employees.
The conflict was experienced when the Vampire Legends organization violated customers’ information confidentiality. The consequence of shutting down the game, caused the organization to come up with new strategies for dealing with security threats. The solution was to develop a risk management plan, after removing the game The impact of ethics on revenue includes how it lost a lot of money after shutting down the game, and how it is affecting the organization’s profitability.
Eccles, R. G., Ioannou, I., & Serafeim, G. (2012).The impact of a corporate culture of sustainability on corporate behavior and performance(Vol. 17950). Cambridge, MA, USA: National Bureau of Economic Research.
Student’s Name; Britney Jackson
Instructor’s Name: Ellen Gaston
Course: CMGT 582
Developing a website inherited from Uncle AI is a great idea on developing a chain of concession.
Clearly, a website can improve the chain of concession just like it did improve the taco business with the taco food truck.
Change is inevitable and diversifying the business is a good idea.
The thought of expanding the business is wise as it is diverse and thus will target more customers.
Also, diversifying will mean partnering with friends which will increase capital and better-informed decisions will be made due to consultation among the partners.
The partnering also increases the marketing team thus increase in pay off.
Targeting more people and more customers is a great idea that will lead to business expansion due to a large target market.
Partnering with friends to expand the target market with the concession truck is a great idea that will open new markets for the business. Delivering distinctive and healthy meals in events, outdoor concerts, rallies and sports events will lead to the success of the business as the customers get quality services delivered to them.
Ethical issues related to employee data collection and management
The business should collect only the necessary data from the customer and any information not related to business should not be collected.
During the collection of the data, the customers data should be protected and should not be used to put the customer in jeopardy
The customers data should not be shared to any third part or unauthorized party without seeking the customers consent (Milano et al.,2020).
The business should not browse or go through customers data unnecessarily.
The collected data should not be sold to any third party for instance competitors to make any business gains.
Any errors found in the customer data collected should be corrected.
During data collection, the business should ensure they combat any behavior that may lead to the customers being harmed.
The collection of data should be voluntarily as a customer should not be forced to providing any information.
Protecting customer information
The business should aim at protecting the information provided to them by the customers as a way to protect both the business and their customers and this can be done in several ways.
The business should install a software for data protection and ensure they regularly update the software.
The customer data provided should be encrypted to ensure no third parties get access to it.
The files used to collect the data from customers should be destroyed before being dumped to insure they do not land into unauthorized hands (Singh et al.,2020).
Strong passwords should be used to store the information.
In case any data is stored in hard copies, they should be physically locked and kept in safe places.
Only customer data that will be needed in future should be kept by the business.
When the customers provide a business with information, it is clear that they trust the business will use that information for the good of both the business and the customers. Therefore, it is only fair and ethical that the business ensures the data they collected from the customers is secure. The business should ensure the data is inaccessible to third parties and it is not used for fraud or committing crimes. The business cn easily do this if it understands the type of data it is dealing with and the importance of protecting that information.
Need to protect intellectual property of customers
For the customers that submit their name suggestions, there will be a need for protection.
Protecting the intellectual property of these customers will be critical in fostering innovation.
For any inventions made under that name, individuals and businesses will be entitled to reap full benefits (Ali & Tang 2022).
The development and research activities carried out by the business will be protected by the registrations and intellectual property rights.
During negotiation for counterclaims and cross-licensing, the business will have a strong ground for the negotiations.
The business will be in a position to protect other businesses from using a similar creation or product as theirs.
The intellectual property of customers in this case will cover any name, design idea, discovery, or creative work produced by the customer. Since the customer will go through all the trouble to produce name suggestions, there is need to protect them which in return will protect any invention, idea or creativity developed by the business in this name.
Protection Cruisin’ Fusion needs in order to use the suggested name
To use the name suggested by the customer, the business needs protection to ensure the name remains valid for the business.
The business should enter into a contract with the customer who suggested the name and comes up with a strategy to acquire the name from them and make it the business’s official name.
The business should then register the domain name as theirs. Registering the business with this name is a step towards stopping any disappointment in the future in case the customer claims the name since the registration is irreversible.
For protection purposes, the business should trademark the business name as well asthe logo.
Protecting the name of the company ensures that Cruisin Fusion is the lawful owner of the business name and that it is the only entity allowed to conduct business with that name. the protection also ensures that the customer that came up with the name is compensated but will not claim the name later. The business name is an asset thus it requires to be protected since it is the main factor identified with the business. Protecting a business name means protecting its brands, logos and also innovations.
Protection disclaimer required by the customer
The customers require that the personal information they provided during the businesses’ data collection should be used only for business purposes.
The customers require that no competitor or a third party should get access to their personal information.
The customers personal information should be stored in secure software and should be encrypted.
All the intellectual property collected during the contest should be utilized for the gain of the business and the customers involved should be rewarded for their participation in acquiring them.
The advertised products that are on the website should have the name of the customer whose name suggestion won the contest.
The disclaimers posted on the blog will address the liability that will befall the business in case they violate the terms and conditions of their agreement with the customers. The disclaimer will motivate the business towards operating under the set rules to avoid the business name being used in a way that would mislead the public.
Singh, M., Pilkington, C., & Staden, W. V. (2020, August). Protecting Personal Data Within a South African Organisation. InInternational Information Security Conference(pp. 50-64). Springer, Cham.
Ali, S., & Tang, H. (2022). Is intellectual property beneficial to knowledge management? Literature review on organizational knowledge protection.Journal of the Knowledge Economy, 1-19.
Milano, S., Taddeo, M., & Floridi, L. (2020). Recommender systems and their ethical challenges.Ai & Society,35(4), 957-967.
Student’s Name: Britney Jackson
Course: Security & Ethics
Professor’s Name: Ellen Gaston
ORDER AHEAD OPTION
When combined with your Square ecosystem, order ahead technologies provide lots of new marketing options for suppliers, all of which can be set up and controlled remotely. The popularity of Cruisin’ Fusion taco trucks has increased. This has increased the need for a pre-order option on our website. Customers may place orders up to two weeks in advance with the new Order Ahead tool. This innovative feature enables clients to construct their digital shopping basket far ahead of when they need tacos. The new Order Ahead option is now accessible at a selection of high-demand establishments. The program also offers mobile ordering and a widget for table reservations. In addition, advanced capabilities, such as credit card payments, are accessible with paid premium subscriptions.
Laws enforce the behaviors we are required to engage in, but ethics propose the behaviors we should engage in and help us examine decision-making alternatives. Organizational policies are the rules and restrictions that workers must abide by to maintain company operations.
The new shopping cart software adheres to customer privacy norms. During data gathering, Cruisin’ Fusion taco trucks will fight against any activity that may have endangered consumers. The consumer gathering of data will be optional.
With cybercrime showing no signs of abating, securing client information will be necessary. There are organizational procedures that will be adopted to safeguard customer information. This will be accomplished by gathering just the data crucial to our marketing activities. There is data protection software installed, and customers should routinely update it. Customer data is encrypted to prevent unauthorized access by other parties. Passwords that are difficult to guess will be used to store the information.
There are ethical factors involved in keeping anonymity. The website will neither utilize nor disclose content-related personal information. We will gather information solely for needed reasons. Users will be informed of how their data will be used, shared, and kept and will be required to agree to particulars. We will continually improve our security architecture.
Numerous privacy rules and regulations are adhered to by shopping cart software. A legal document will describe how Cruisin’ Fusion taco trucks gather, manage, and process customer and visitor data. These regulations will compel our company to get the agreement of software users whose data we will retain or process before storing or processing it. The program will link to the website’s footer for customers to agree to the Privacy rules and regulations.
Running Head: 1
Name: Britney Jackson
Institution: University of phoenix
Instructor: Ellen Gaston
Date of submission: 05/29/2022
Based on the data I gathered from role-playing stimuli, there are different relationships between strategies and safety plans and relationships between strategies described in other safety plans but not this idea. This will ensure there is a proviso of the layout of the general security policy. Based on the email that I received from Jumbo security policy it was important since it talked about the policy structure that was a major concern about the procedure as a result, we will have to ensure there is an effective update to the internet. I think we should ensure everyone that will be coming to the different slopes signs a consent form this will be to ensure that they are protected from lawsuits.A security plan ensures that each person knows their roles and resources that need to be applied to help with managing security risks. The plan will allow the security to review the risks in various different areas . Theplan will also help with reflecting a more protective security requirementsplan that is much more suitable for each level of threat, the risks to the company’s assetsas well as the risks of the footage of thewebcams theseare some security risks thatwe may have to deal with. hackers or any malicious person can get into the system this is not secure enough, we can run into all types of problems if this happens to occur. Being certain that we have some secure footage is detrimental we will need consent to release the different feed that we come across to thewebsite and to the people . Another s risk that could cause issues is if we do not have a secure wifi connection. Being on top wifi connectionis important we do not want thecustomers to give us anybad reviews if their information gets out while they are signed on to our internet be sure thatconnection is strong so that itmake our complaint level about weak connection we should shift our focus along with thatto the smartphones that we are giving to the working keeping up with rather they are only being used for company use. Viruses can be a huge security issue, if our devices are not kept up to date we should have a separate server for our guests to use this will help the company .This is a lot of information but using their phones couldput the company’s connection at risk at this point we will have a lot ofproblems with the network connection.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more