Sunday, May 3, 2020
IT Risk Management Management Terms
Question: Task Specific issues that you need to address in the forum discussions are provided within the first 3 topics. These questions are posed for you to reflect on in the form of written Discussion Board (forum) posts. As this is a postgraduate course, it is expected that your written responses will provide you an opportunity to express your personal and professional views. There are no correct answers, however the way you justify your answers with validated evidence is key to this activity. Answer: Topic 1: Information Security This particular topic mainly deals with the resolution of some specific issues associated with the information security. In order to accomplish the major objective of this topic, Inside the Security Mind Making the Tough Decision has been considered (Peltier, 2016). This book has explored the important principles of information security, that till date have been ignored throughout most of the world of Information Security. In this modern era, people have to think in different ways regarding the Information Security. On the other hand, the major issues discussed associated with this topic are dealing with the malicious hackers endless hoards, a seemingly limitless onslaught of exploits and the seas of vulnerabilities (Peltier, 2016). The previously mentioned problems with the information security can be resolved and addressed with the help of establishment of proper authentication in terms of making stronger security in information security system (Von Solms Van Niekerk, 2013). There are several common forms of authentication such as passwords, one-time passwords, tokens and smart cards, biometric thumb and others can play an effective and a significant role in order to address these issues of information security (Von Solms Van Niekerk, 2013). On the other hand, another good practice can also be controlling the sensitive access forms through the higher authentication forms. Topic 2: Internet security This particular topic is mainly aimed to specify the issues associated with the insecure internet communication. On the other hand, this topic also focuses on the establishment of the reason of the internet security problem (Suo et al., 2012). There are numerous technologies in order to provide proper communication security such as SSL, SSH, S/MIME, IPsec, HMAC, AES and RSA. In spite of the presence of these technologies, internet communication is still insecure (Suo et al., 2012). There can be many reasons for such severe issue. The most important reason is that the security is inherently difficult to use. On the other hand, sometimes customer does not know how to utilize the security settings while continuing the internet communication (Suo et al., 2012). These issues are generally formed due to the problems in internet threat model and real protocol deployment. Therefore, in order to address such critical issues in the internet communication system, two things should be done. Firs t of all, the internet threat models should be appropriate for the internet communication to be carried out properly. Secondly, the customer models should be improvised in a proper manner so that the internet communication can be carried out very smoothly. Furthermore, the invention of new mechanisms and polishing existing protocols can be more effective to overcome the issues associated with this topic. Topic 3: IT Risk Management This particular topic is aimed to illustrate the risk management terms in organizations. Therefore, the concepts of Risk Management Terms have been considered in this topic in order to specify the issues and to address the issues as well (Kamiya et al., 2007). When, the Enterprise Risk Management can offer the effective advantages, the effort can also be obstructed by differing measures, methodology as well as terminology over the influenced departments. Kamiya et al. (2007) have conducted a survey of risk professionals about their understandings of the essential risk terms in an effort for improving communication across and within the industries and organizations. The risk managers from the property/liability and life-health industry as well as from four non-insurance companies have been surveyed in Risk Management Terms in terms of indentifying differences and similarities in risk terms across industries. The development of good Enterprise Risk Management models and the information regarding the models and measures are recently being utilized (Kamiya et al. 2007). The movement for the merger comes from both of the external requirements by the rating as well as regulatory agencies and the internal opportunities for the greater competitive advantage. References Kamiya, S., Shi, P., Schmit, J., Rosenberg, M. (2007). Risk management terms.The Actuary Magazine. Peltier, T. R. (2016).Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press. Suo, H., Wan, J., Zou, C., Liu, J. (2012, March). Security in the internet of things: a review. InComputer Science and Electronics Engineering (ICCSEE), 2012 International Conference on(Vol. 3, pp. 648-651). IEEE. Von Solms, R., Van Niekerk, J. (2013). From information security to cyber-security.computers security,38, 97-102.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.