Ask Question
EngineeringEngineering
11 September, 20:25

Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook (Appendix A), the initial step in a regulatory Information Technology Examination is to interview management and review examination information to identify changes to the technology infrastructure, new products and services, or organizational structure. 1. Explain how changes in network topology, system configuration, or business processes might increase the institution's information security-related risk. Provide examples. 2. Explain how new products or services delivered to either internal or external users might increase the institution's might increase the institution's information security-related risk. Provide examples. 3. Explain how loss or addition of key personnel, key management changes, or internal reorganizations might increase the institution's information security-related risk. Provide examples.

+1
Answers (1)
  1. 11 September, 23:38
    0
    1. Changes in network topology or system configuration might bring security-related challenges. For example, adopting a new system configuration which is low in cost but also very new in the Industry might be vulnerable to the existing security.

    2. New products or Services which are delivered to either the Internal/External users might be prone to security issues.

    Let say a product 'A' has been launched by a company 'X' and for testing purpose it has been given to the internal users. Now as this product 'A' is a product of 'X' itself it will be allowed to carry in the official premises and if some user tries to hack this product and can make the product potentially harmful w. r. t security.

    3. Consider a scenario where there is a change in management & team, the team members which were thoroughly responsible for Security kinds of stuff are dissolved into different teams. Also new members are hired for the team. Now, since the new members will need some time to get adapted to the Business As Usual things there are high chances of a security level not maintained as it was earlier by the old guys. This could be due to undocumented things in the organization or due to lack of Knowledge Transfer to the new joinees.
Know the Answer?
Not Sure About the Answer?
Find an answer to your question ✅ “Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook (Appendix A), the initial step in a ...” in 📘 Engineering if you're in doubt about the correctness of the answers or there's no answer, then try to use the smart search and find answers to the similar questions.
Search for Other Answers
You Might be Interested in
3. Consider a 10-m-long smooth rectangular tube, with a = 50 mm and b=25 mm, that is maintained at a constant surface temperature. Liquid water enters the tube at 20C with a mass flow rate of 0.01 kg/s.
Answers (1)
Air is flowing in an insulated duct at a rate of 2 kg/sec. Air enters the duct at 40 oC and 8-kW of heat is added with a electric resistance heater. Find the exit temperature of air. (Cp=1.005 kJ/kgK) a) 44 b) 30 c) 54 d) 60
Answers (1)
List the functional units (Instruction memory, Register file, ALU, Data memory) that will be used by the R-Type instruction class: A. Instruction Memory B. Register file C. ALU D.
Answers (1)
Compute the longitudinal modulus of elasticity (in GPa) for a continuous and aligned hybrid composite consisting of aramid and glass fibers in volume fractions of 0.22 and 0.
Answers (1)
Two gage marks are placed exactly 250 mm apart on a 12-mm-diameter aluminum rod with E 5 73 GPa and an ultimate strength of 140 MPa. Knowing that the distance between the gage marks is 250.
Answers (1)
New Questions in Engineering
A car, initially at rest, moves along a straight road with constant acceleration such that it attains a velocity of 60 ft/s when s = 150 ft Then after being subjected to another constant acceleration it attains a final velocity of 100 ft/s when s =
Answers (1)
Crawling in heavy smoke or extreme heat can increase
Answers (1)
What are some ways in which power machinery is used in agricultural industry
Answers (1)
Which two investment options would be best if you are 20 years old just starting to see if I want to retire when you're 70 consider the kind of investment rate of return level of risk and other factors
Answers (2)
n the first circuit configuration (RL = 10k), how many periods of the input signal V1 does it take for the output voltage, V3, to reach a final periodic state? Choose the option closest to the value you measure.
Answers (1)
Home » Engineering » Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook (Appendix A), the initial step in a regulatory Information Technology Examination is to interview management and review examination information to
Sign Up Forgot Password?