Kenneth Sims IS3230 Unit 2 Global Acces
IS3220 Unit 2
Global Access Control Case Study
Global Limited has a reputation of being one of the world’s leading providers of infrastructure information systems, software, and services around the world. They are in need of a better business and security practices. They have identified a problem which has been likened to a game of Whack-a-mole. To help with its security problem, Global as called upon the knowledge of CIS-its own Security Division. One of the first steps is to understand what information is critical to the business initiatives. Global Cadence is front-end for over 40 applications and has for 200,000 registered users. Global is working to minimize its impact.
What is the significance of compliance and financial reporting from an insecure system. Its purpose is to give investors more confidence in the financial reporting. Ignorance of a vulnerable system is no longer a defense because top, SOX has driven significant spending on IT and IT security. An insecure systems is the life line of a Company. Without it no assets are safe.
Influence of risk management process which have made Global fulfills in goals. Understanding Globals goal was part of the problem, once they understood then it was simply following a risk management plan which pertains to these items. Most critically, risk management plans include a risk strategy. Broadly, there are four potential strategies, with numerous variations. Projects may choose to:
Avoid risk — Change plans to circumvent the problem;
Control/Mitigate risk; — Reduces impact or likelihood (or both) through intermediate steps;
Accept risk — Take the chance of negative impact (or auto-insurance), eventually budget the cost (e.g. via a contingency budget line);
Transfer risk — Outsource risk (or a portion of the risk - Share risk) to third party/ies that can manage the outcome. This is done e.g. financially through insurance contracts or hedging transactions, or operationally through