Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 11, Problem 1EDM
Explanation of Solution
Justification:
“Yes” the work done by Iris would be unethical.
Reason:
Iris knows that she is going to leave the company in few days and postponing the m...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
A coworker of yours was fired for policy violations. You know for a fact, that other employees were not in compliance with policy.
Was this a wrongful termination? How can policy compliance be enforced?
Mr. Art Pang is the Accounts Receivables manager. We have been assigned to gather the system requirements for a new billing system, and we need to solicit facts from his subordinates. Mr. Pang has expressed his concern that, although he wishes to support us in your fact-finding efforts, his people are extremely busy and must get their jobs done.
1. Describe a fact-finding strategy with rationale, that we could follow to maximize your fact-finding while minimizing the time required from his subordinates.
2. Once we have gathered the requirements, they must be recorded. What techniques would we use to capture the requirements for the new billing system? Explain your rationale.
One option is to look for work elsewhere. If you were interviewing for a job, what details about yourself would you want the hiring manager to know? How does your Strengths Test score contribute to demonstrating your value to the organization, and what can you do to strengthen it? It would be helpful if you could provide me some evidence to back up your claim.
Chapter 11 Solutions
Management Of Information Security
Ch. 11 - Prob. 1RQCh. 11 - Prob. 2RQCh. 11 - Prob. 3RQCh. 11 - Prob. 4RQCh. 11 - Prob. 5RQCh. 11 - Prob. 6RQCh. 11 - Prob. 7RQCh. 11 - Prob. 8RQCh. 11 - Prob. 9RQCh. 11 - Prob. 10RQ
Ch. 11 - Prob. 11RQCh. 11 - Prob. 12RQCh. 11 - Prob. 13RQCh. 11 - Prob. 14RQCh. 11 - Prob. 15RQCh. 11 - Prob. 16RQCh. 11 - Prob. 17RQCh. 11 - Prob. 18RQCh. 11 - Prob. 19RQCh. 11 - Prob. 20RQCh. 11 - Prob. 1ECh. 11 - Prob. 2ECh. 11 - Prob. 3ECh. 11 - Prob. 4ECh. 11 - Prob. 5ECh. 11 - Prob. 1DQCh. 11 - Prob. 2DQCh. 11 - Prob. 1EDM
Knowledge Booster
Similar questions
- The Dunkin' Donuts franchisees are both owners and consumers of the NDCP since it is a membership cooperative. Was the NDCP's enormous protection strategy aided by such an ownership structure? What are the potential drawbacks?arrow_forwardEthical Decision Making Suppose Amy Windahl left the kickoff meeting with a list of over 200 assets that needed to be evaluated. When she looked at the amount of effort needed to finish assessing the asst value and their risk evaluations, she decided to "fudge" the numbers so that she could attend a concert and then spend the weekend with her friends. In the hour just before the meeting, in which the data was due, she made up some values without much consideration beyond filling in the blanks. Is Amy's approach to her assignment ethical? After the kickoff meeting, suppose Charlie had said, "Amy, the assets in your department are not that big of a deal for the company, but everyone on the team has to submit something. Just put anything on the forms so we can check you off the list, and then you will get the bonus being paid to all team members. You can buy me lunch for the favor." Is Amy now ethically justified in falsifying her data? Has Charlie acted ethically by establishing an…arrow_forwardAfter reading the case presented in the module, write a short response to the following discussion questions and ethical decision making scenario. Discussion Questions Before the discussion at the start of this chapter, how do Fred, Gladys, and Charlie each perceive the scope and scale of the new information security effort? Did Fred’s perception change after that? How should Fred measure success when he evaluates Gladys’ performance for this project? How should he evaluate Charlie’s performance? Which of the threats discussed in this chapter should receive Charlie’s attention early in his planning process?arrow_forward
- Create a list of the factors you feel are most important to your satisfaction in your current position and provide justifications for each.arrow_forwardIn the office of Drano Plumbing, Damon Davis was finishing off some paperwork. A net profit of $50,000 was predicted by him. The Balance Sheet showed a deficit of $400,000 and a credit of $300,000 when he added up the two columns. So, what do you think caused the findings to be so different? What more might he check to see whether that's the issue, if this wasn't the cause?arrow_forwardBecause NDCP is a membership cooperative, Dunkin' Donuts franchisees are both owners and customers. What might be some advantages to such an ownership structure in terms of getting the support of all stake holders for massive protection as the one NDCP undertook? What might be some disadvantages?arrow_forward
- 1. In general, a procedure represents a short-duration task, while long tasks are called ________ and contains multiple procedures. A. practices B. processes C. policies 2. ___________is a statement describing how the organization is to be run, from the perspective of management intent. A. Policy B. Standard C. Procedure 3. __________ allows employees to use their own personal devices for work purposes or within the company network. A. CYOD B. COPE C. BYOD 4. CDs and paper documents that belong to a private organization should be shredded or otherwise destroyed to prevent ______________. A. Shoulder B. Dumpster diving C. Phishingarrow_forwardIn this project, design your own case study involving a hypothetical cybersecurity scenario. After coming up with your case outline, you must identify: 1. The various types of stakeholders potentially affected by the case, and the differentstakes/interests they have in the outcome.2. The different types of cybersecurity professionals or practitioners that might be involved in a case like this, and their specific responsibilities.3. The potential benefits and risks of harm that could be created by effective or ineffective cybersecurity practices in the case, including ‘downstream’ impacts.4. The ethical challenges most relevant to this case 5. The ethical obligations to the public that such a case might entail for the cybersecurity professionals involved.6. Any potential in the case for disparate impacts on others, and how those impacts might affect the lives of different stakeholders 7. The ethical best-case scenario (the best outcome for others that the cybersecurity practitioners…arrow_forwardBack at Attaway Airlines, the morning meeting ended with no agreement between the VP of finance and the marketing manager. In fact, a new issue arose. The VP now says that the new accounting system is entitled to the highest priority because the federal government soon will require the reporting of certain types of company-paid health insurance premiums. Because the current system will not handle this report, the VP insists that the entire accounting system is a nondiscretionary project. As you might expect, the marketing manager is upset. Can part of a project be nondiscretionary? What issues need to be discussed? The committee meets again tomorrow, and the members will look to you, as the IT director, for guidance.arrow_forward
- Suppose Amy Windahl left the kickoff meeting with a list of over 200 assets that needed to be evaluated. When she looked at the amount of effort needed to finish assessing the asset values and their risk evaluations, she decided to “fudge” the numbers so that she could attend a concert and then spend the weekend with her friends. In the hour just before the meeting in which the data was due, she made up some values without much consideration beyond filling in the blanks. Is Amy’s approach to her assignment ethical? After the kickoff meeting, suppose Charlie had said, “Amy, the assets in your department are not that big of a deal for the company, but everyone on the team has to submit something. Just put anything on the forms so we can check you off the list, and then you will get the bonus being paid to all team members. You can buy me lunch for the favor.” Is Amy now ethically justified in falsifying her data? Has Charlie acted ethically by establishing an expected payback for this…arrow_forwardIs Charlie doing a good job of arranging the work for the meeting ahead of time? What is the explanation behind this, or why isn't it the case? Make a list of the most pressing issues you think should be addressed in the work plan. Give a brief explanation for each issue.Will the company's newly formed staff be able to offer useful information? What is the explanation behind this, or why isn't it the case?What might be the rationale for certain attendees' opposition to the meeting's goals? Is it clear that everyone who was invited was made aware of the importance of the event and the issues that arose as a consequence of it?arrow_forwardC. List the components of PKI, then describe each component and its function. What are certification and accreditation when applied to information systems security management? List and describe at least two certification or accreditation processes. You've been hired by an investment company with 500 employees to serve as their Information Systems Security Manager. Your first task from the Chief Information Officer is to write a series of policies and procedures as the company has nothing in place. Where is a good place to start your research? List at least 3 policies and procedures that you would work on first and explain why these three should be considered early. Recommend a password policy. If the C.I.A. triangle is incomplete, why is it so commonly used in security? Explain what value an automated asset inventory system has for the risk identification process?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Information Technology Project ManagementComputer ScienceISBN:9781337101356Author:Kathy SchwalbePublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
- Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Information Technology Project Management
Computer Science
ISBN:9781337101356
Author:Kathy Schwalbe
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning