PLEASE USE THE ATTACHED MEMO TEMPLATE FOR THE ASSIGNMENT You recently stepped into the role of information security manager at a medium-sized e-commerce company with roughly 500 to 1,000 employees organization-wide. The company has hired a third-party consultant to evaluate its information security posture. The consultant has concluded the evaluation and noted several high security risks. These action items must be addressed to ensure that the company’s information assets are secure. Your task is to provide recommendations to address multiple identified security risks and explain your decisions to your leadership team. Directions Memo Template: To communicate the identified information security risks and your recommendations and explanations, you will generate a memo to your leadership team. Your recommendations do not have to address all information security risks; however, they must address multiple risks. Be mindful that your leadership team is considered a nontechnical audience. You must complete each of the following sections: Introduction: Describe how addressing the evaluated elements of information security will support the company’s business objectives. Laws and Regulations: Explain how laws and regulations influence information security policies and procedures within this company. Technical Controls: Describe the technical controls that you would recommend to address the multiple indicated information security risks from the consultant’s findings. Administrative Controls: Describe the administrative controls that you would recommend to address the multiple indicated information security risks from the consultant’s findings. Physical Controls: Describe the physical controls that you would recommend to address the multiple indicated information security risks from the consultant’s findings. Business Impact: Explain how your recommendations impact current information security policies and practices within this company. Conclusion: Explain why leadership should act on these control recommendations to improve the company’s information security posture. Your conclusion can also include a brief summary, although it is not required. What to Submit To complete this project, you must submit the following: Memo Template This should be a 2- to 3-page Word document (.docx) with the following sections completed: introduction, laws and regulations, technical controls, administrative controls, physical controls, business impact, and conclusion.
There are several vulnerability scanners available to assist organizations in scanning their networks and systems to detect potential risks and vulnerabilities. Review at least three of these tools and compare and contrast their features and functions. In your opinion, would you implement any of these scanners? Explain your rationale in choosing this particular tool. Here are a few resources to assist you with this assignment. https://www.comparitech.com/net-admin/free-network-vulnerability-scanners/ https://www.networkworld.com/article/2176429/security-6-free-network-vulnerability-scanners.html https://www.g2.com/categories/vulnerability-scanner
PLEASE USE SRS TEMPLATE ATTACHED FOR THE ASSIGNMENT. You are employed as a systems engineer at Millennia HealthCenter (MHC), an organization in the healthcare industry that offers patient care in person and online. MHC will be implementing a new software system within the next three years, and you are the systems engineer leading the project. The software system that Millennia HealthCenter currently uses has several problems, as described in the business case document (see Supporting Materials section). MHC’s technical problems are reducing efficiencies, accuracies, and the quality of patient care. The vision and the ultimate goal of MHC is to effectively improve the patient’s health and well-being through innovative approaches in health information technology. The question is: as a systems engineer on this project, how will you design a new system to improve the patient’s experience? To design a new system to sustain the vision of MHC, you will create a system requirements specification (SRS) document. The SRS will determine all aspects of the system that need to be considered prior to the start of the development process, from the perspective of the stakeholders. As you create this document, you will also have to make ethical decisions that consider legal, organizational, and industry considerations. Directions Review all of the details of the software system outlined in the business case. Be sure to read through the entire case. You will refer to its specifics throughout your SRS, and you do not want to miss any important information. Also in the Supporting Materials section: Watch all of the interviews with the stakeholders who will be using the software system once it is implemented. Review the codes of ethics for the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers (IEEE). Review the security guidelines regarding the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulations. Read the Workflow of Existing System and Processes document. Download the System Requirements Specification Template, and develop its content. Fill out the sections in the template that apply to the specific system that is described in the scenario. If you believe that a section does not apply to the system within the scenario, enter “Does not apply.” Provide a brief rationale as to why you believe that the section does not apply. Your system requirements specification must include: An introduction, which may include: System purpose System scope System overview System context System functions User characteristics A description of functional system requirements that clearly explains how the functionality addresses the problem statement within the business case and meets the organizational vision A description of the non-functional requirements, which includes: Usability requirements Performance requirements A description of other requirements, which may include: System interface System operations System modes and states Physical characteristics Environmental conditions As you complete these sections of your SRS, pay particular attention to the interviews with stakeholders referred to in the Supporting Materials section of this document. Since you do not have access to the actual end users and other stakeholders of the system, you may use your judgment in specifying the precise nature of the capabilities that the users will need. If you have questions about system functions, you should research the nature of the user’s work, and you may also want to use your instructor as a resource. As you develop the SRS, you will demonstrate how to make ethical decisions. Your SRS must also include: An explanation of the system security requirements, which includes how the system will need to sustain proper levels of security A section on information management requirements, which determines how the system will need to manage and encrypt information between its databases, interaction with other systems, and interfaces, while considering the ethics of privacy An explanation as to how the system must comply with organizational and federal policies and regulations requirements (e.g., HIPAA compliance) An application of the ethical considerations throughout the SRS by addressing the codes of ethics for ACM and IEEE
**Please answer with short responses 1. List and explain all the various options now available for an organization to enjoy the services of an IS. 2. Few organizations would develop an application in-house or pay another company to develop it if a similar application can be licensed. Why? 3. What are the benefits and risks of outsourcing IT services? 4. The major hardware and software makers, such as IBM and Hewlett-Packard, derive an increasing portion of their revenue from outsourcing contracts. Analyze and explain why they focus more of their efforts in this direction. 5. What might cause a client to ask to renegotiate a long-term outsourcing contract? 6. You are the CIO of a large manufacturing company. A software vendor approaches you with an offer to have your company serve as a beta site for a new human resource application. What would you consider before making a decision? 7. What is an RFI? What is the difference between an RFI and an RFP? The ideal response to an RFP is one that can be easily transformed into a contract. Why? 8. What is the purpose of benchmarking? Often, benchmarking involves visiting other organizations that have applied the system under consideration. Why? 9. What would you benchmark in a system whose purpose is to enter customer orders and accept customer credit-card account numbers for payment at your web-based site? 10. When purchasing an off-the-shelf application, to which phase of the SDLC is the postimplementation support and service equivalent? 11. Some organizations charge the purchase price of an application that serves only a particular organizational unit back to the unit. Why does the existence of a charge-back arrangement create an incentive to have users develop their own applications? 12. Why don’t users commonly document the applications they develop? Why is poor documentation a problem? 13. List and explain the benefits and risks of using the services of an on-demand software provider. 14. Some companies use software as a service (SaaS) because they want to concentrate on core competencies. What is a core competency? How would you determine what an organization’s core competencies are? 15. What is a storage service provider (SSP)? How is it different from an ASP? Note: Repeat the question/task. Use technical writing elements and formatting. Must use a 12-inch font, double-spaced. Include Name, Course Number and section, Title of Homework Assignment, Instructor Name, and Due Date aligned right single-space.
Research the impact of the Sarbanes-Oxley Act on ISs. Write a one-page report explaining the major controls corporations must incorporate in their ISs to satisfy the Act. Note: Repeat the question/task. Structure document as APA format, but exclude cover page; label as directed below. Use technical writing elements and formatting. Must have a reference page. Must use a 12-inch font, double-spaced. Include Name, Course Number and section, Title of Homework Assignment, Instructor Name, and Due Date aligned right single-space.
You are a manager for a new company that is about to start selling textbooks to college bookstores via the web. Several firms specialize in software that supports transactions and data collection on the web. Prepare an RFI for an application to support your new company’s effort on the web, including posted catalogs, orders, shipment tracking, payment, and data collection for future marketing. Submit the list of questions you want prospective bidders to answer, and be ready to provide an explanation for including each of the questions. Note: Repeat the question/task. Structure document as APA format, but exclude cover page; label as directed below. Use technical writing elements and formatting. Must have a reference page. Must use a 12-inch font, double-spaced. Include Name, Course Number and section, Title of Homework Assignment, Instructor Name, and Due Date aligned right single-space.
**Pleaser answer with short responses 1. What are the goals of security measures for ISs? Explain. 2. All the data of your company is concentrated in two databases. All employees use PCs or laptop computers, and all use a corporate network. You are to prioritize protection of the following elements of your company: PCs and laptops, the databases, the corporate network. Which is the element about which you should be most concerned, and why? 3. Data alteration and destruction are dreaded by many IS managers more than any other mishap. Why? Is the threat of website defacement as severe as data destruction or alteration? Why or why not? 4. Some companies still make a duplicate copy of disks or tapes and transport them to a remote site as a precaution against loss of data on the original storage media. What is the preferred method of keeping secured copies of data nowadays? Give at least two benefits and one possible drawback of the more recent approach. 5. Comment on the following statement: If your computer is connected to an external communication line, anyone with a similar link can potentially access your systems. 6. What is a honeytoken and how is it used by companies? 7. What is a honeypot and how is it used by businesses? 8. What is the difference between a virus and a worm? Which is potentially more dangerous and why? 9. Why is encryption that uses the public-key method so important in electronic commerce? 10. Assume that you are charged with developing an application to record basketball performance statistics. What limits would you include to ensure that the information entered is reasonable? 11. What is an audit trail? What audit trail information would you have for a shipping record? 12. This chapter gives an example of an atomic transaction. Give another example from any business area. 13. What is the difference between authentication and confidentiality? 14. What are biometric access controls? How are they better than passwords? 15. What is a firewall, and how does it work? Note: Repeat the question/task. Use technical writing elements and formatting. Must use a 12-inch font, double-spaced. Include Name, Course Number and section, Title of Homework Assignment, Instructor Name, and Due Date aligned right single-space.
Write a 3-4 page research paper on two careers in the Information Technology field that interest you per the instructions in the attached document.
You are to create a 10-minute multimedia presentation on one of the following topics below: Understand basic concepts in Information Technology, including hardware, software, networks, and the internet. Recognize and define critical components of Management Information Systems. Explain the value of technology and information as a competitive advantage to the organization. Understand key concepts of Supply Chain Management, Customer Relationship Management, and Business Intelligence and how these systems impact competitive advantage. Understand the key characteristics of a relational database. Compare and contrast the features of databases and data warehouses. Demonstrate how artificial intelligence and decision support systems can be used to solve business problems. Communicate the implications of electronic commerce in today’s business environment. Understand the systems development life cycle and trends in systems development, including outsourcing. Understand key concepts of IT Infrastructure. Communicate the mandates and strategies for protecting the organization’s people and information. Recognize and describe the emerging trends and technologies that will impact the organization. Instructions: Create a multimedia presentation that includes presentation that includes text, video, images, and sound. You will present one of the topics in bullet points. You will be creating a professional multimedia presentation. If you go into the Apple Teacher Learning Center. Go to Apple Teachers in Action. Look at those videos as examples of a multimedia presentation. You will save the production and submit it in D2L (here). Requirements: You are to use Microsoft Powerpoint or any other presentation software, Apple Keynote, GarageBand, Pages, Numbers, and iMovie to have an Apple Device. You can go to www.icloud.com to access Keynote, Pages, and Numbers on a PC. If you do not have an Apple device, you can use Microsoft Office and Movie Maker to create your presentation. Your presentation must be creative and informative on your chosen topic. You are to reference information from your textbook regarding the detailed knowledge of your production. The required length is 10 minutes. You will be recording your presentation and submitting the file. Your video must play and be in the appropriate format. You are to test your video and make sure it plays on all devices before submitting, or you will not be credited for submission. If I am unable to play video, you will not receive credit. You also must type up in a Microsoft word document and submit along with your multimedia presentation and transcript word for word what is in your presentation in a professional format. Class Text Book Management Information Systems By: Ken J. Sousa; Effy Oz
read the case study further details part A and then interpret that description in terms of implementing the changes to their existing Postgres database. Students then need to: 1. Install the PostGIS spatial database software (if not already completed during week 7); 2. Extend their own existing assignment 1 PostgreSQL relational database to a PostGIS spatial database; 3. Write SQL commands in pgAdmin4 to create spatial data in the extended database; 4. Write spatial queries using SQL; need to read the case study further details part B and then: 5. Install the MongoDB document database software, MongoDBCompass GUI and associated software (if not already completed in week 8); 6. Understand the embedded schema proposed and understand the examples given in Appendix A: 7. Use MongoDBCompass or mongosh to: a. Create a document database; b. Create a collection in that document database; c. Create documents within that collection; d. Write MongoDB commands to populate the collection; e. Write MQL to query the database. It is a requirement of this assignment that students use Postgres/PostGIS and MongoDB for the database components of this assignment. The submission must be presented in the format of a professional report. Further information is given in the File attached