Ask Question
EngineeringEngineering
11 September, 20:25

Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook (Appendix A), the initial step in a regulatory Information Technology Examination is to interview management and review examination information to identify changes to the technology infrastructure, new products and services, or organizational structure. 1. Explain how changes in network topology, system configuration, or business processes might increase the institution's information security-related risk. Provide examples. 2. Explain how new products or services delivered to either internal or external users might increase the institution's might increase the institution's information security-related risk. Provide examples. 3. Explain how loss or addition of key personnel, key management changes, or internal reorganizations might increase the institution's information security-related risk. Provide examples.

+1
Answers (1)
  1. 11 September, 23:38
    0
    1. Changes in network topology or system configuration might bring security-related challenges. For example, adopting a new system configuration which is low in cost but also very new in the Industry might be vulnerable to the existing security.

    2. New products or Services which are delivered to either the Internal/External users might be prone to security issues.

    Let say a product 'A' has been launched by a company 'X' and for testing purpose it has been given to the internal users. Now as this product 'A' is a product of 'X' itself it will be allowed to carry in the official premises and if some user tries to hack this product and can make the product potentially harmful w. r. t security.

    3. Consider a scenario where there is a change in management & team, the team members which were thoroughly responsible for Security kinds of stuff are dissolved into different teams. Also new members are hired for the team. Now, since the new members will need some time to get adapted to the Business As Usual things there are high chances of a security level not maintained as it was earlier by the old guys. This could be due to undocumented things in the organization or due to lack of Knowledge Transfer to the new joinees.
Know the Answer?
Not Sure About the Answer?
Find an answer to your question ✅ “Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook (Appendix A), the initial step in a ...” in 📘 Engineering if you're in doubt about the correctness of the answers or there's no answer, then try to use the smart search and find answers to the similar questions.
Search for Other Answers
You Might be Interested in
5. Switch a in the circuit has been open for a long time and switch b has been closed for a long time. Switch a is closed at t = 0. After remaining closed for 1s, switches a and b are opened simultaneously and remain open indefinitely.
Answers (1)
Are there specific building code requirements for the installation of specialized water-based fire protection systems?
Answers (1)
The four steps in the IPDE Process are
Answers (1)
What happens to material that is eroded by water flowing through a watershed? A. It creates a flood. B. It is carried upstream. C. It is carried downstream. D. It creates new wetland areas
Answers (1)
python Write a program that prompts the user to enter the month and year and displays the number of days in the month. For example, if the user entered month 2 and year 2000, the program should display that February 2000 has 29 days.
Answers (1)
New Questions in Engineering
Between a hypothesis and a prediction
Answers (1)
A local reaction is when a chemical enters the bloodstream?
Answers (1)
The rules for ordinary arithmetic involving addition, subtraction, and multiplication carry over into modular arithmetic. Tru
Answers (1)
An air-conditioning system is used to maintain a house at 70°F when the temperature outside is 100°F. The house is gaining heat through the walls and the windows at a rate of 800 Btu/min, and the heat generation rate within the house from people,
Answers (2)
The electricity we use is static or current electricity?
Answers (1)
Home » Engineering » Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook (Appendix A), the initial step in a regulatory Information Technology Examination is to interview management and review examination information to
Sign Up Forgot Password?