Introduction
Chevron’s philosophy is to be the energy company most admired for its people, partnership, and performance ("Chevron," n.d.). The company leverages it technology capabilities in order to align with business objectives, and the vision of the company. An environmental scan of how the company manages access has shown that there is an opportunity to improve in this area, which will increase, and improve the company’s security posture, and position itself further in being a world class leader in the energy sector.
Environmental Scan
An environment scan of the company’s access management efforts was performed in order to assess, and identify opportunities that may exist to strengthen the security of the company. In order to be a leader in the industry, the company must ensure its assets are protected, and that the shareholder’s interests are kept in mind. A SWOT analysis was conducted to better understand the strengths, weaknesses, opportunities, and threats within the environment. While not inclusive of every aspect, the image in figure one depicts focus points for each category within the SWOT.
The environmental scan was focused on access management, which in the case of Chevron is based on Active Directory groups. A weakness of the company is the size of the organization. Through multiple acquisitions, and mergers, there are 300,000 Active Directory groups, where in many instances no one truly understands the access that the group grants. An additional weakness, is
Company has evolved to handle joint ventures, but not all of them turn into successes.
Strengths Finder 2.0 identifies my top five strengths are adaptability, restorative, individualization, communication and strategic. I must use these strengths every day in my job and my home life. These strengths are apparent in all areas of my life both at work and home.
This review provides an in-depth strategic SWOT analysis of the company’s businesses and operations in the areas of internal strengths and weaknesses and external opportunities and threats. (Sector Publishing Intelligence)
The framework of security policy is defined to construct a structure by the help of which policy gaps can be identified in an easy manner. A system specific policy would assist to ensure that all employees and management comply with the policies. This is also used to maintain the confidentiality for user authentication would assist in the confidentiality aspect of security, maintain integrity (There are several limiting rules or constraints which are distinct in the relational data model and whose work is to maintain the data’s accuracy and maintain its integrity.), availability and authenticity of the system. Access controls are a collection of mechanisms that work together to create security architecture to protect the assets of an information system. One of the goals of access control is personal accountability, which is the mechanism that proves someone performed a computer activity at a specific point in time. So, the framework acts as the guideline
Employees who have electronic or physical access to critical assets should know how to handle sensitive data securely and how to report and respond to cyber security incidents. Ensuring that access privileges would revoked at termination or transfer and that all equipment and data are returned to the
Duke Energy is one of the largest electric power companies in the United States, therefore giving it an advantage over the other competition. More than 7 million people are powered through Duke Energy. The competitive factor will always be a part of this company due to its high demand of power and electricity throughout the states it supports. Other companies would gladly come in and take the spot if the chance was given.
Any enterprise has to pay special attention to computer security. Computer security is a field that is concerned with the control of risks related to computer use. A primary focus should be on the external threats to the computing environment. In enterprise with branches cross country, it is important to allow information from "trusted" external sources, and disallow intrusion from anonymous or non-trusted sources. In a secure system, the authorized users of that system are still
I hope you are all well; I am writing to inform you about the attached memo, which is meant to outline and help address several issues currently facing the company. Essentially, the memo describes the management problems at Green, Inc. and provides several changes that each one of you should implement with the employees operating under your supervision. I hope that we will work together as we seek to accomplish the vision and achieve the goals set by the organization.
Some of the items that will need to be made aware of and shared with executives, employee and the stakeholders of the organization is the managing and protection of Access Control and attack monitoring system, each and every member of the company will need to understand and abide by the policies that govern access control in the workplace, allowing other employees to enter a facility without each employee scanning their badges will be a breach of security. The awareness of securing network architecture and network communications components, raise awareness on security governance concepts and policies and risk and personal management. The support of the entire organization in the changes and improvement will results in an effective strategic
Organizations emphasized the use of physical security to help enable the use of physical access controls. It was reported that physical security became difficult to manage due to technology becoming complex every day (Hutter,2016). It was indicated that organization often over looked physical security until after a serious event had occurred. Per Hutter, physical security threats were either internal or external. Employees were considered external threats when they gain access to unobserved areas and were considered internal threats when their knowledge was utilized. Organizations were noted to implement the use of physical security through locked doors, access control systems (i.e. Paxton Access Inc, Identiv), alarm systems and many other important applicable measures.
The Vanguard group offers some investment options that one can consider investing in. These investment options include; retirement planning services, brokerage services and educational information for individuals. The retirement planning services are more of the services that have grabbed a wide range of the company’s customer base. There are some costs associated to the long run investment which cannot be avoided by all mean.
Andrews Corporation is a multimillion dollar company that was designed when the parent company was mandated by the SEC in a monopoly settlement. This action resulted in six smaller companies. Along with the other five companies when the government split a monopoly into identical competitors, Andrews manufactures and sells sensors in five diverse market segments. As a monopoly, operating inefficiencies and poor product offerings were not addressed because increasing costs could be passed onto customers. Secondly, mediocre products would sell because customers had no other choices. Although last year’s financial results were decent, it is now our job increase product sales, marketing strategies, efficient production, and proper financial management to achieve financial greatness.
In order to effectively implement security governance, the Corporate Governance Task Force (CGTF) recommends that organizations follow an established framework, such as the IDEAL framework from the Carnegie Mellon University Software Engineering Institute. This framework, which is described in the document “Information Security Governance: Call to Action,” defines the responsibilities of (1) the board of directors or trustees, (2) the senior organizational executive (i.e., CEO), (3) executive team members, (4) senior managers, and (5) all employees and users. This important document can be found at the Information Systems Audit and Control Association (ISACA) Web site at www.isaca.org/ContentManagement/ContentDisplay.cfm?ContentID=34997.
Organizational strengths, weakness, opportunities, and threats (SWOT) analysis is an integral part of the strategic plan that can help put into focus the potential needs and risks that could
According to What is SWOT Anlysis (2011), SWOT analysis is an analysis used to identify the internal factors (strengths and weaknesses) of the company as well as external factors (opportunities and threats) of the company.