The Virtual Case File Program

Based on our learning from week one of our class, the purpose of this paper is to discuss the leadership perspectives manifested in both Bobby Knight and Mike Krzyzewski, coaches who have made significant marks in their field in college basketball. I hope to be able to identify the power bases both coaches rely upon, as well as whether their actions are more aligned with either a managerial role or leadership role. In addition, I hope to identify how significant the leadership traits have influenced their leadership, based on the five-factor

MEMORANDUM 03.01.2010 TO: FROM: RE: Daphne Matthews Alex Associate - 4667 Memo Assignment 1: Who Does the Pastry?

Issue 4: Information Security officials failed to effectively trigger appropriate notifications and begin an investigation of the stolen data. The information security official’s incident report contained omissions and significant errors. This resulted in missed opportunity to re-create the contents of the laptop and external drive and to recognize the severity of the potential loss of data. The cybersecurity operations officials failed to ensure a timely investigation and notifications were made regarding the severity of the lost data (Opfer, 2006).

Team “C” was hired by Riordan Manufacturing management to overhaul the security features currently employed by the company. Management outlined a comprehensive plan that included a complete hardware refresh, security best practices and end user training. Team “C” will devote resources to assess the physical and network security issues and concerns at each Riordan plant. Once those have been identified, Team “C” will identify the data security issues and concerns present at each Riordan plant. Finally, Team “C” will address web security issues and concerns present at each Riordan plant and recommend a way forward for the company.

Another factor to ensure success is to train the IT personnel on the system’s applications and processes. How well the IT personnel understand the systems is extremely relevant to the success of system implementation. The involvement of IT personnel, who have knowledge regarding the application requirements, increases the ability of the team to correctly and quickly specify the requirements. Experienced IT personnel on a team help ensure others understand terminology and have more of an understanding of the stakeholders needs (Havelka and Lee, April 25, 2002).

Another way of successfully gathering information is by building a prototype or model of the system, so that users can test or get an idea of what the finished product will be like. With this they can determine issues, problems, or inconsistency with the system. Another important part of gathering information is organizing it so that it can be understood and put to proper use. I propose categorizing the requirements into functional requirements, operational requirements, technical requirements, and transitional requirements. The functional requirements define how the user thinks the system is functioning overall, the operational requirements define what background processes need to be executed in order for the system to work optimally over a period of time, the technical requirements define what technical issues that must be addressed in order to successfully implement the system, and the transitional requirements define the processes or steps needed to implement the system smoothly and successfully. ("Mind Tools", 2012).

University of Phoenix. (2013). Case Scenario: BUGusa, Inc. [Multimedia]. Retrieved from University of Phoenix, LAW241 - CONTEMPOR

For this reason, it is imperative that the information gathered is reliable and accurate to ensure the evidence collected can be utilized by the digital forensic investigator for the current case (Ingalls & Rodriguez, 2011). Additionally, cyber incidents require digital forensic investigators to interview various individuals regarding the information needed for the case. According to the National Institute of Justice (2004), interviewing the system administrator, users, and employees of an organization regarding a cyber incident would provide investigators with valuable information; for example, user accounts, email accounts, network configuration, logs, and passwords. Furthermore, for digital forensic investigators to conduct an effective interview, they must have the proper tools and training to employ the interview process. For instance, formal procedures or instructions should be developed and implemented to ensure that the investigator follows a standard during all investigations. Additionally, training should be provided to ensure that digital forensic investigators comprehend by what means to prepare, conduct, and evaluate an interview. Furthermore, resources should be made available for digital forensic investigators to accomplish their tasks; for example, recording devices and references. Also, definitions should be provided to the digital forensic investigators for

In the current society, business, organizations and government are very dependent on computers and Internet. Adequately protecting an organization 's information assets is a requisite issue. Many organizations have deployed security software or devices, such as firewalls or intrusion detection systems, to help protect their information assets and to quickly identify potential attacks. IBM Systems Journal states that "some organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to hack into their computer systems" (IBM 2001). This might be a good way to evaluate the system vulnerability. However, to allow a penetration test team break into their systems, the organization may have faces some risks. For example, the penetration test team may fail to identify significant vulnerabilities; sensitive security information may be disclosed, increasing the risk of the organizations being vulnerable to external attacks (The Canadian Institute of Chartered Accountants). Some organization even send their system administrator to be trained Ethical Hacking as a career course in Tertiary

In 1997 the National Security Agency (NSA) tested the Pentagon’s cyber security in an exercise named “Eligible Receiver”. Within two days of the exercise, the NSA team had penetrated the classified command network and was in complete control of network. Two years later, the United States Air Force experienced a computer breach in which huge amounts of data were being exfiltrated from research files located on airbases. “Gigantic amounts of data were being shipped out from a lot of computers in the Defense Network and from many data systems in the national nuclear laboratories of the Energy Department.” (Clarke, p. 111) File case named “Moonlight Maze”, by the FBI day-lighted two important aspects of information security. Computer specialist

According to Mueller (2005), the FBI did not have complete set of system requirements when the contract was awarded to SAIC. Even though the FBI had an 800-plus requirements document, the requirements were too complicated, incomplete and not sufficiently defined. Also the requirements documents focused more on the finer details of the system layout instead of the high level functions of the system (Goldstein, 2005). Failure of the VCF project was also caused by continuously changing requirements. During the project life-cycle, the FBI made 400 change requests most of which had major impact on what was already designed and produced.

After reading the case, one continues to come up with new problems and issues along the way that are related to information technologies. The three main problems we encountered in this case are lack of IT knowledge, inappropriate planning, and ineffective and inefficient Resource Management. Each of these issues requires specific attention to fix the next problem and so forth. The solution to attack each individual problem or issue will be explained as follows.

In the case study “Who Killed the Virtual Case File”, the author, Harry Goldstein divulges the downfall that the FBI had when they tried to implement a custom build case-management software that they were never able to use. The FBI was using many different systems and were trying to create a system that would combine all current programs/systems together to easy accessibility for all agencies in the US. Goldstein interviewed many key players within the process to gain their points of view as to why the project failed. Our team has comprised a top five risks analysis as to why the project failed in the order of importance. These are:

The project did not achieve desirable standards as far as customer requirements, scope, environment and execution were concerned. It was important that the project integrators to ensure customers do not escalate during the implementation of the project, being the first adopters of the software FoxMeyer should have exercised caution by adopting the software in phases rather than implementing the project directly, furthermore, execution was the biggest problem, despite knowing that the project needed skilled personnel FoxMeyer did not train staff during the early stages of the project and had to rely on consultants. Finally the company should have gained control over the project from the start to ensure that all the staff and management were involved but in this case despite knowing that the project would not work as envisaged the management did not take control or stop the implementation of the project.

The article chosen for CASE was written by Chau titled An Empirical Investigation on Factors Affecting the Acceptance of CASE by Systems Developers. This article examines the organizational and behavioral sources of potential difficulties of CASE adoption among developers. Since CASE is used solely by information system professionals, the study conducted by Chau was developed to reveal “factors that affect acceptance by systems developers” (1996, p. 270). At the time of Chau’s study, CASE was a relatively new approach for information system professionals and many developers were required to use it upon its implementation within a company. This change forced many information system professionals to alter their work, skills, and attitude which often can result in resistance (Chau, 1996). The most significant effect Chau found for acceptance of CASE was ease of use and perceived usefulness within the constructs of long-term consequences. Since many of the information system professionals in the study had limited experience with CASE, the gap in experience impacted the ease of use and therefore acceptance of the CASE systems. Perceived usefulness within long-term consequences helped the information system professionals accept CASE since using new technology can affect future career prospects. The CASE experience gained may help the individual in finding and obtaining new positions. Chau suggested that it would be beneficial for a company implementing CASE for the first time to