Overview:


You are the Information Security Officer of Mahtmarg Manufacturing a small manufacturing company worth approximately $5 Million who provides fiber cable to local businesses, individual customers and to government organizations. In the course of the next eight weeks you will be creating your Information Security Plan (Issue-Specific Security Policy in Table 4-3 of the textbook) step by step using this scenario.

Your Task


Step 4: Develop the Systems Management section of your ISP

In this week’s Lab you will develop the section on Systems Management which focuses on the user’s relationship to systems management and the responsibilities delegated to both users and systems administrators to avoid confusion. This includes:

• Authentication and Encryption
• System Administrator Responsibilities
• User Responsibilities
• Auditing
• Configuration

This is a lab quiz. And I put two files here which are lab introduction and all questions in the quiz.

Here is the introduction :I. Objective

To gain experience in using the LogicAid software tool for logic simplification.

II. LogicAid Help

The LogicAid software can be downloaded from: http://logicaid.software.informer.com.
l For input selection, click “Input” button then chose the type input.
l For POS and SOP simplification click “Routine” then “Simplification”.
l For logic function simplification with K-map input, click “KMap” and choose “Derive Min Equation from Map”.l Selections including number of variables and SOP or POS forms need also be made on pop-up menus.

l For additional information click “Help” then “LogicAid Help”

So the whole introduction is in the first file.

As you begin to perform the information systems audit for PVSS, assume the identity of a different person in the scenario. For this Discussion Board, you are now the Network Systems Manager for PVSS.

As the Network Systems Manager, how would you create the following four controls (or policies) to be used by PVSS:

• Entity level control
• Network level control
• Operating system level control
• Web or database server level control

Keep in mind that each control should focus on a specific topic and offer the following structure:

• The Policy Statement: This is a statement defining the specific action or regulation.
• Responsibilities: Who is responsible for various actions?
• Enforcement: How the policy will be validated?
• Violations: What are the consequences for violation?

The business case for information governance (IG) programs has historically been difficult to justify. It is hard to apply a strict, short-term return on investment (ROI) calculation. A lot of time, effort, and expense is involved before true economic benefits can be realized.IT governance seeks to align business objectives with IT strategy to deliver business value.

Q: Please provide 2-3 page APA standard paper or why the business needs to drive the IG strategy and why there must constantly be an alignment. How would you approach implementing an IG strategy within an organization?

Q1) Executive sponsorship is critical to project success. There is no substitute. Without it, a project is at risk of failure. What is your opinion?

Q2) In policy development, program Controls, Monitoring, Auditing, and Enforcement, we must gather metrics to determine the level of employee compliance, its impact on key operational areas, and progress made toward established business objectives. What are those types of metrics you will need to gather and how will you measure them?

Q3) Chapter 4 – Information Risk Planning and Management

Assignment 1- What is information Governance? Please provide 2-3 page APA standard answer.

1. Resources:Debra Logan, “What Is Information Governance? And Why Is It So Hard?” January 11, 2010, http://blogs.gartner.com/debra_logan/2010/01/11/what-is-information-governance-and-why-is-it-so-hard/.