Discuss about the IS Security Management and Risk.
Information management has been acting as the major source of development in today’s society. Despite these factors of advantages the major problem arises due to the fact that the major concern regarding the information security project management has the major issue in the terminology of the Information Security is in terms of the security of the platform during the improving the quality of the framework(Laudon, & Laudon, 2016).. The major risks that are present in the functioning of the improvement of the IS security marks the following aspect in the methodology are as follows: –
The main concern in the improving the Information system of the company is that the data that are stored in the framework of the database of the organization system gets exposed. The data gets exposed due to the fact that the external employees who are in charge of the improvement of the information system. The employees recruited for the improvement of the information system discloses the data that are stored in the information system of the organization. This process of disclosure is performed due to the fact that the data that are stored in the information system must be stored somewhere as this will act as the reference for performing the functions in the later stages of the organization. This ensures the fact that back up of the data that are stored in the information system(Kaminsky, Angell & Evora, 2018). The employees who were set for the purpose of the improvement of the information system might act as imposters and fetch the data and distribute the data among the competitors of the organization which will enable the fact that the organization faces tough competition in the market.
Despite the fact that the distribution of the data among the competitors of the organization acts to be the fiercest threat to the organization another fact that threats the organization is the disclosing of the passwords of the accounts of the clients of the organization. This fact ensures the fact that the clients who have been trusting the organization by having their personal accounts immersed in the data base of the information system of the organization. In case the passwords of the accounts that are related to the clients of the organization gets leaked then the data of the clients of the organization are no longer safe (Layton, 2016). This creates an issue regarding the rusting of the organization. This ensures the fact that the good will of the company is lost and the stature at which the company was gets at stake. This is due to the factor that during the processing of the improvement of the information system of the organization. The passwords that are stored in the information system for the authentication of the accounts of the clients are distributed to the imposters who has been trying to harm of the organization by gaining unauthorized access to the data that are stored in the information system.
Due to the fact that the data that are stored in the information system of the organization can be accessed by the imposters during the processing of the improvement of the information system. The accessed data is distributed in the social media for the purpose of spreading the basic roots of the organization and harm the privacy of the organization factor. This leads to that were stored in the data base of the information system gets spread all over the social media and the imposters can get easy access to the required set of data that will be enough for harming the organization (Malekmohammadi & Blouchi, 2014). This fact also ensures that the brand loyalty of the customers also gets lost from the organization and the organization has to start from the beginning that also with a negative patch in the background of the company. This factor drags the organization backwards as the company can never use the platform of the social media for the marketing of their products and services. Destruction of the data that are present in the social media also acts as the major threat to the organization as the data that is already distributed and the original copy of the data are destroyed in order to destroy the goodwill of the organization.
The information systems that carry data in the framework of the organization are not very robust in nature. This factor leads to the case where the data that are stored in the information unprotected from the viruses present in the system gets attacked by the malware viruses a the data base is not robust, that is unprotected as the firewall gets uninstalled in the processing of the improvement of the information system as the entire data base is put into updating and the procession of the data that are present in the information system stays gets vulnerable to the virus attack (Gibson & Darril, 2015). This enables the fact that the information system gets accessed by the virus and the data gets pirated. This fact ensures the data that are stored in the data base gets pirated and the data of the client gets invalid leading to the fact that the organization loses its goodwill.
The biggest reason of all the threats that are mentioned above due to the processing of the improvement of the information system is that the encryption of the data that are present in the processing of the storing of the data to ensure the security of the data in order it gets accessed by the imposters as the encryption deals with the fact that even if the data is accessed by the imposters the data cannot be utilized by the imposters as the data are encrypted with a special modulated code which can be made into use only after decrypting the entire data (Liang & Liu, 2015). During the case of the processing of the improvement of the information system the data that are present in the information system are decrypted in order to provide efficiency inn back up of the data that are stored in the database of the information system.
Legal issues related to the Information System includes the factthat the data that are stored in the framework of the information systemrevote as robust as they infrastructure of the framework should have been. This fact leads to the unauthenticated access of the cyber criminals as the data that are stored in the data base of the information system are the data that are kept by the clients as they trust the that they provide. In organization in terms of the privacy of the data of the clients, the clients are eligible to file case against the organization hence causing problems for the organization. The robustness of the information system acts as the major problem of the information system (Lee, 2014). This fact enables the threats related to the legal issues of the information system. Another major problem that the organization faces is that the data that are stored in the data base of the information system is bound to maintain the privacy of the data of the clients. In this case if the client who has data stored in the information system of the organization, the organization gets trapped and the entire case that the client was supposed to handle will have to be controlled by the organization in order to maintain a goodwill of the organization. This fact ensures the fact that the legal terminations of the organizations are supportive towards the clients more than that of the clients.
The ethical issues that are faced by the organizations are that the data that are stored in the information system are not safe which risks the privacy of the data. The robustness of the data centre of the information system is not well (Jacobsson,Boldt & Carlsson, 2016). This leads to the unauthorized access to the data of theclients that they have kept in the information system of the organization as the clients trusted the information system of the organization. this fact ensures that the data hat are stored in the database of the informationsystem requires the processing of the safety and proper privacy maintaining techniques that ensures the fact that the data are secured in the information system. The main ethical issue rises as the organization stays least bothered regarding the robustness of the database of the system in which the data of the clients are stored as the processing of the database is not directly connected with the turnover of the company. This fact ensures the fact that the organization is not ethically enlightened due to the factthatthelack of interest in the safety of the data that are stored in the database of the system. Another ethical issue that the information system faces during the processing of the data in the information centre is that during the updating of the data base the data that are stored in the database are decrypted for storing the data in the backup device. During this process the data that are decrypted acts as the major reason for the lack of privacy of the data and unauthorized access of the data.
The major activities that are undergone for the processing of the project closing strategy of an Information system are as follows: –
Clients acts as the major assets to the organization. this factor ensures the facat that the organizations success is completely based on the clients the organization possess. The organization will be able to gain clients only if the information system of the organization is robust enough that the client feel secured regarding the privacy of the data that is to be stored in the processing of the data. The data security acts to be the main hindrance in the client satisfaction. This ensures the fact that the clients that are present in the database list of the organization deals with the fact of satisfaction as well has the concern regarding the data privacy. The organization gets the acceptance of the clients’ only by providing them robustness in the data storage process in the information system.
Releasing the people and the resources acts as the majorconcern for the efficient functioning of the database of the information system. This fact ensures that the services and the clients who are not important for the progress of the organization are released in order to keep the information system efficient. The removal of the data of the clients and the services that are not required acts as the cause that ensures the fact that the database of the information system on getting updated gets more efficient and the robustness of the information system increases. This deals with the fact that the data that are stored in the information system is well protected and efficient.
Updating of the software of the information system acts as the major concern for the processing of the database of the information system. the updated versions of the software ensures the act that the information system stays protected from the cyber criminals as the cyber criminals get access to the database that are based on the platform provided by the software that are not updated to their latest versions (Laudon, & Laudon, 2016). This is due to the fact that the cyber criminals find ways to use the loop holes of the software which ensures the fact that the common outdated versions has their loop holes cracked by the imposters. In case of using the same software without getting it updated the cyber-criminal tends to attack the data base that is dependent on the platform of the software. In case the cyber-criminal gets access to the data in an unauthorized manner it proves the case that the data that has been stored in the data base are used in a way that creates conflicts among the employees and the other clients of the organization.
References
Cook, B., & Gilles, L. (2016). U.S. Patent No. 9,317,980. Washington, DC: U.S. Patent and Trademark Office.
Gibson, Darril. Managing risk in information systems. Jones & Bartlett Publishers, 2014.
Jacobsson, A., Boldt, M., & Carlsson, B. (2016). A risk analysis of a smart home automation system. Future Generation Computer Systems, 56, 719-733.
Kaminsky, R. G., Angell, R. A., & Evora, G. D. (2018). U.S. Patent No. 9,928,550. Washington, DC: U.S. Patent and Trademark Office.
Laudon, K. C., & Laudon, J. P. (2016). Management information system. Pearson Education India.
Lee, M. C. (2014). Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method. International Journal of Computer Science & Information Technology, 6(1), 29.
Liang, D., & Liu, D. (2015). A novel risk decision making based on decision-theoretic rough sets under hesitant fuzzy information. IEEE Transactions on Fuzzy Systems, 23(2), 237-247.
Malekmohammadi, B., & Blouchi, L. R. (2014). Ecological risk assessment of wetland ecosystems using multi criteria decision making and geographic information system. Ecological Indicators, 41, 133-144.
National Research Council. (2014). Review of EPA’s integrated risk information system (IRIS) process. National Academies Press.
Olson, D. L., & Wu, D. D. (2017). Data Mining Models and Enterprise Risk Management. In Enterprise Risk Management Models (pp. 119-132). Springer, Berlin, Heidelberg.
Pulwarty, R. S., & Sivakumar, M. V. (2014). Information systems project management in a changing climate: Early warnings and drought risk management. Weather and Climate Extremes, 3, 14-21.
Pulwarty, R. S., & Sivakumar, M. V. (2014). Information systems in a changing climate: Early warnings and drought risk management. Weather and Climate Extremes, 3, 14-21.
Roberts, J. R., Hulsey, T. C., Curtis, G. B., & Reigart, J. R. (2016). Using geographic information systems to assess risk for elevated blood lead levels in children. Public Health Reports.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download