Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 6, Problem 1EDM
Explanation of Solution
Executive expressing disagreement with Mike’s approach:
In this scenario, the executive crossed the ethical line. It is because of the reasons given below:
- The executive tried to threaten Mike’s approach by giving some non-specific reasons...
Explanation of Solution
Overt actions taken by Mike:
“Yes”, Mike must inform others about the conversation. It is because of the following reasons:
- To gain support from others, Mike must tell others about the wrong implementation of the executive...
Explanation of Solution
Actions done by Mike that would not embarrass the other executives:
Without hurting or embarrassing the other executives, Mike could do the following things.
- Mike can conduct a meeting with the same executive to describe each and everything in detail...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Have you experienced scope creep in your development of a Risk Management Plan (or other policy)? If so, how did you handle it? If not, what actions would you have taken to control scope creep? (Remember, if you have not personally experienced this situation, please research a company or individual who has dealt with scope creep and provide a brief overview of their situation. Be sure to copy/paste the link from which you retrieved the information)
Ethical Decision Making
Suppose Amy Windahl left the kickoff meeting with a list of over 200 assets that needed to be evaluated. When she looked at the amount of effort needed to finish assessing the asst value and their risk evaluations, she decided to "fudge" the numbers so that she could attend a concert and then spend the weekend with her friends. In the hour just before the meeting, in which the data was due, she made up some values without much consideration beyond filling in the blanks. Is Amy's approach to her assignment ethical?
After the kickoff meeting, suppose Charlie had said, "Amy, the assets in your department are not that big of a deal for the company, but everyone on the team has to submit something. Just put anything on the forms so we can check you off the list, and then you will get the bonus being paid to all team members. You can buy me lunch for the favor."
Is Amy now ethically justified in falsifying her data? Has Charlie acted ethically by establishing an…
Suppose Amy Windahl left the kickoff meeting with a list of over 200 assets that needed to be evaluated. When she looked at the amount of effort needed to finish assessing the asset values and their risk evaluations, she decided to “fudge” the numbers so that she could attend a concert and then spend the weekend with her friends. In the hour just before the meeting in which the data was due, she made up some values without much consideration beyond filling in the blanks. Is Amy’s approach to her assignment ethical?
After the kickoff meeting, suppose Charlie had said, “Amy, the assets in your department are not that big of a deal for the company, but everyone on the team has to submit something. Just put anything on the forms so we can check you off the list, and then you will get the bonus being paid to all team members. You can buy me lunch for the favor.”
Is Amy now ethically justified in falsifying her data?
Has Charlie acted ethically by establishing an expected payback for this…
Chapter 6 Solutions
Management Of Information Security
Ch. 6 - Prob. 1RQCh. 6 - Prob. 2RQCh. 6 - Prob. 3RQCh. 6 - Prob. 4RQCh. 6 - Prob. 5RQCh. 6 - Prob. 6RQCh. 6 - Prob. 7RQCh. 6 - Prob. 8RQCh. 6 - Prob. 9RQCh. 6 - Prob. 10RQ
Ch. 6 - Prob. 11RQCh. 6 - Prob. 12RQCh. 6 - When you document procedures, why is it useful to...Ch. 6 - Prob. 14RQCh. 6 - Prob. 15RQCh. 6 - Prob. 16RQCh. 6 - Prob. 17RQCh. 6 - Prob. 18RQCh. 6 - Prob. 19RQCh. 6 - Prob. 20RQCh. 6 - Prob. 1ECh. 6 - Prob. 2ECh. 6 - Prob. 3ECh. 6 - Prob. 4ECh. 6 - Prob. 5ECh. 6 - Prob. 1DQCh. 6 - Prob. 2DQCh. 6 - Prob. 1EDM
Knowledge Booster
Similar questions
- Suppose there is a big ABC organization which offers different products for their customers. When the said organization develops the different products for customers, then there is a possibility of different hazards, which may affect the process of development. What type of procedure and process should be follow by management department for risk management to avoid or mitigate the incoming risks, to produce better quality products at the end?arrow_forwardUndertake a Risk Management Process for a financial institution. Illustrate your answers with examples and case scenario in 300 words. Discuss the proactive risk strategies that could be deployed.arrow_forwardExactly what do you mean when you talk about risk management? In the context of risk management, what are the advantages of recognizing the risks and vulnerabilities associated with assets?arrow_forward
- You have been tasked to initiate a risk management program for your company. The CEO has just asked you to succinctly explain the relationship between impact, threat, and vulnerability. Think quick on your feet and give a single sentence that explains the relationshiparrow_forwardDiscuss and write a short summary on how to help Chris and the company in managing the riskarrow_forwardSelect one HIM function (e.g., coding, release of information, chart completion, transcription, filing/chart retrieval, document imaging, etc.). For this function, identify and describe one risk associated with this function. Elaborate on how each risk management principle could be applied to your identified risk: Risk assessment Risk mitigation Risk transference Risk avoidance Risk acceptance Describe your chosen risk in a sentence or two. Then provide one substantial and descriptive paragraph for each principle.arrow_forward
- What is risk management? Why is the identification of risks and vulnerabilities to assets so important in risk management?arrow_forward1. For each of the resources in the network diagram above, specify one possible risk. Also, use a ranking system of 1 to 5, where “5” is the most critical for the likelihood of occurrence and degree of impact. Based on any tool or formula you would like to implement, list and prioritize the risks to start with.arrow_forwardWhat exactly do you mean by risk management? What are the benefits of identifying assets' risks and vulnerabilities in risk management?arrow_forward
- Your company has entrusted you with the responsibility of developing a program for risk management. The Chief Executive Officer of the company has just asked you to explain, in as few words as possible, the link that exists between impact, hazard, and vulnerability. Develop in a hurry a single sentence that summarizes the relationship between the two things.arrow_forwardAs a risk manager of an emerging property investment company, you have been asked to conduct a security risk profile. You have already identified a risk register with associated sensitivity. However, your manager would like to have a high-level view of the risk impact categories for the identified resources. Explain to your manager the most common impact categories that should be included in a security profile and the reasons why.arrow_forwardWhy is it important to treat security not as a "point in time" measurement? If you had to explain the important of investing in security in a long-term strategy to a CEO or CFO, how would you counter the "point in time" argument?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,