Fundamentals of Information Systems
9th Edition
ISBN: 9781337097536
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
Question
Chapter 9, Problem 11SAT
Program Plan Intro
Choose the correct option to fill in the blank.
Students have asked these similar questions
Research on computer-based risk management. Determine your resources, threats, weaknesses, risks, and mitigation. Include system parts in each category. What significant flaws were discovered? How can risk be diminished? own system security strategy? Will you carry out? If not, why not?
Which of the following is the best description of the purpose of risk management?
a. To implement measures to reduce risks to an acceptable level.
b. To outline the threats to which IT resources are exposed.
c. To determine the damage caused by possible security incidents.
d. To determine the probability that a certain risk will occur.
On your PC, do an abbreviated risk management analysis. Identification of assets, threat identification, evaluation of vulnerabilities, risk assessment, and risk mitigation should be done. Make a list of the components that apply to your system under each category. What significant flaws did you find? How may these hazards be reduced? What security measures are in place for your personal computer? Do you intend to carry out the plan? If not, why not?
Similar questions
- Discuss if the threats are controllable. What part of risk management addresses these threats? Can they be quantified?
- Your organization has delegated to you the responsibility of developing a program for risk management. The Chief Executive Officer of the company recently requested you to succinctly explain the relationship between impact, danger, and vulnerability. Create hastily a single statement that elucidates the interaction between the parties.
- Determine whether the dangers are within your control. Which part of risk management is accountable for addressing these threats? Are they able to be quantified?
- Use examples to make your message clearer. Conventional human resources methods, controls, and information security concepts are all addressed in depth to show how they work together.
- Perform an abbreviated risk management study on your personal computer. Conduct an asset identification, threat identification, vulnerability appraisal, risk assessment, and risk mitigation. Under each category, list the elements that pertain to your system. What major vulnerabilities did you uncover? How can you mitigate these risks? What is your plan for securing your personal system? Are you going to implement the plan? Why or why not?
- What are the main reasons to implement security policies within an organization? How is quantitative analysis different from qualitative analysis? What are some of the early steps taken during the initial phases of the system development life cycle? How can pre-employment processing improve the security of an organization?
- Perform a condensed risk management analysis on your computer. Asset identification, threat identification, vulnerability evaluation, risk assessment, and risk mitigation should be performed. Create a list of the system components applicable to each category. What major defects did you discover? How can these risks be mitigated? What safeguards do you have in place for your computer? Do you intend to implement the strategy? If not, then why?
- What are organizational factors that contribute to an unhealthy security culture in the organization? If so, how? Consider organizational data flow, work setting, work planning and control, and employee readiness.
- Which of the following steps are part of the process of developing security policies (Choose the best 4 answers)? Group of answer choices Identify existing capabilities Identify threat likelihood Identify enforcement Identify the scope Identify related regulatory and compliance rules
- I need help with this problem for my Strategic Management class. Thank you. Should there be different information security policies for end users when they work from home vs. in the office? What, if any, would the differences be? Give examples. How can policies be enforced equally for in-office/home workers?
- Provide 4 examples of documentation which is commonly required for the risk assessment process. How should these be stored? How will any changes and modifications affect your current versions of documentation? Examples 1. 2. 3. 4. Effect of changes on current documentation and versions
- Where in a business do you think the responsibility for information security starts and ends? The organization's control decides when security policies and measures go into effect and when they go out of effect, respectively. Do you believe any of these limits should be further widened or widened? If that's the case, how did you go about it? If that's not the case, what's going on?
Recommended textbooks for you
Fundamentals of Information Systems
Computer Science
ISBN: 9781337097536
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN: 9781305971776
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
Principles of Information Security (MindTap Cours...
Computer Science
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
Management Of Information Security
Computer Science
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning