Information Security Management System - 6815 Words

[pic] HINDALCO INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION AND CHALLENGES A study by Akash Pandey - MBA (IT) Indian Institute of Information Technology Allahabad, U.P. This study is submitted in fulfillment of the requirements for the degree in Master of Business Administration from Indian Institute of Information Technology, Allahabad June 2008 [pic] INDIAN INSTITUTE OF INFORMATION TECHNOLOGY (Deemed University) Jhalwa, Deoghat. Allahabad. SUMMER TRAINING CERTIFICATE This is to certify that Akash Pandey of MBA (IT)/ MSCLIS Batch 2008-10 at Indian Institute of Information Technology, Allahabad has successfully completed his/her Summer Internship during 20th†¦show more content†¦Figure 13: Asset Analysis†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦42 Figure 14: Business Impact Analysis†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦43 Figure 15: Vulnerability Analysis†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.44 Figure 16: Risk Analysis†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.45 Figure 17: Implement Risk Treatment†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦46 Figure 18: Analyze Control Effectiveness†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦47 Figure 19: Security Incident Monitoring†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..48 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC 27001, ISO/IEC 17999, are as follows: Asset- anything that has value to the organization [ISO/IEC 13335-1:2004] Availability-the property of being accessible and usable upon demand by an authorized entity [ISO/IEC 13335-1:2004] Confidentiality-the property that information is not made available or disclosed to unauthorized individuals, entities, or processes [ISO/IEC 13335-1:2004] Integrity- the property of safeguarding the accuracy and completeness of assets [ISO/IEC 13335-1:2004] Threat- a potential cause of an unwanted incident, which may result in harm to a system or organization [ISO/IEC 13335-1:2004] Vulnerability- a weakness of an asset or group of assets that can be exploited by a threat [ISO/IEC 13335-1:2004] Impact- adverse change to the level of business objectives achieved Information security risk- potential that aShow MoreRelatedImplementation Of The Information Security Management System1355 Words   |  6 PagesStandardization (ISO) 27002 defines information as an asset that may exist in many forms and has value to an organization. Information Technology (IT) security governance is the system by which an organization directs and controls IT security (adapted from ISO 38500). Successful implementation of the information security management system (ISMS) is governed by analyzing security requirements to protect organizational information assets and apply appropriate security controls to ensure their protectionRead MoreThe Scope Of The Information Security Management System1880 Words   |  8 PagesA. Scope Outline The scope of the Information Security Management System (ISMS) is limited to Small Hospital Grant Tracking System (SHGTS) (a Microsoft Access 97 database), its host general support system (GSS) (JINX server EOC3FPR02GroupsSSR), and the remote access server (RAS). The servers are located at the Healthy Body Wellness Center (HBWC) executive office facility. 1. Business Objectives The primary business objective of the Healthy Body Wellness Center (HBWC) is to promote improvements inRead MoreSecurity Management Models for Information Systems Essay1075 Words   |  5 PagesBackground Security management within the context of information systems â€Å"needs a paradigm shift in order to successfully protect information assets† (Eloff Eloff, 2003). Due the rapid increase in information security threats, security management measures have been taken to proactively remedy the growing threat facing information security. As a result of this, security management â€Å"is becoming more complex everyday, many organization’s security systems are failing, with serious results† (Fumey-NassahRead MoreCode Of Practice For Information Security Management System1090 Words   |  5 PagesThe ISO 27002 Information Technology Security Techniques, Code of Practice for Information Security Management and NIST 800-53 standards were used to make revisions to the SLA. In particular, the ISO 27002 standards are industry recognized standards for development of an information security management system. The NIST 800-53 are U.S. government security standards for federa l information systems; granted, they are also used for non-governmental systems. In sum, the difference between the two frameworksRead MoreThe Health Body Wellness Center1559 Words   |  7 Pageshospital grant tracking system. This system enables them to allocate and track the gifts within a specified period. OGG assigns awards to one hospital and follows how they have been utilized within a period of one month. The unused portion of the subsidy is recalled and issued to another hospital. This is done in a continuous and rotational manner. The organization has a security objective of protecting the database from being altered. Since the data is held in the system, there are regulations thatRead MoreSecurity Information And Event Management1496 Words   |  6 Pagesheavily on the management of information across their organization – from customer records to critical corporate financial data. Without high-tech measures to protect all enterprise data from security threats, the businesses’ processes, regulatory compliance efforts, and even financial security can be at risk. The security information and event management (SIEM) market is defined by the customer s need to analyze security event data in real time for internal and external threat management, and to collectRead MoreEssay on Internal Control Checklist870 Words   |  4 PagesComprehensive Checklist for Evaluating Internal Controls ACC/544: Internal Control Systems Comprehensive Checklist for Evaluating Internal Controls As defined by the COSO framework, there are five elements that are used to explain an internal control system applied in an organization. These elements include: 1. Control Environment – The control environment is the foundation for the other four components of internal control. It outlines discipline and structure for the internal controlRead MoreKey Features Of Information Systems1727 Words   |  7 PagesFeatures of information systems 2 2.0 What is a Management Information System (MIS)? 3.0 MIS Packages 4.0 5.0 6.0 Features of information systems There are five features of information systems. The first feature is software. Both simple and complex software is available. Simple software can be used by smaller companies that need a basic system. Complex software is used by bigger companies which can afford to invest in this as they require very detailed management to be ableRead MoreComputerised Management Information System in Students Result and Transcript Computation1428 Words   |  6 PagesCOMPUTERISED MANAGEMENT INFORMATION SYSTEM IN STUDENTS RESULT AND TRANSCRIPT COMPUTATION 1James Agajo 2Ogedengbe Emmanuel 3Bagudu Igbekele Federal Polytechnic Auchi, Edo State, Nigeria ABSTRACT: This work proffers solution to the problem associated with the old conventional way of manual generation and issuance of transcript, Automated transcript system addresses the problem of excessive paper work, delay in transcript issuanceRead MoreEvaluation Of A Transaction Processing System937 Words   |  4 Pagesprocessing system is an information processing system for business transactions involving the collection, modification and retrieval of all transaction data. Transaction processing system characteristics are performance, reliability and consistency. Management information systems is an arrangement of equipment and procedures, that are often computerized, and is designed to provide managers with information and support on activities and functions for management company. Management information system

New York Colleges SAT Score Comparison for Admission

The Second American Revolution Expressions of Canadian...

In this paper, I will discuss Brian Gabrial’s article, â€Å"The Second Revolution†: Expressions of Canadian Identity in News Coverage at the Outbreak of the United States Civil War. Gabrial’s article is about how the Canadian identity was challenged by the American Civil War. In particular, he argues that Canadian identity is significant in five important themes: the importance of British identity, antipathy toward Americanism and suspicion of American democracy, a well-grounded fear of American militarism, a patronizing sympathy for Americans in crisis and liberal and conservative political threads. After summarizing Gabrial’s main arguments, I shall be claiming that the article has valuable points for many different reasons. The article†¦show more content†¦was desperately needed for survival. The fourth theme is patronizing sympathy for Americans in crisis focuses on Canadian sympathy for the Unites States following firing Fort Sumter in different editorials expressing concern over the Civil War’s terrible toll, sympathy declined as tensions between the United States and Great Britain increased. It was important that Canadians goodwill was gone, once Canadians realized that the North was fighting to save the Union and not to free slaves. The Union was over the Civil War’s goals had a stronger effect on conservative Canada East and many editors sympathize with the South despite the general disregard for slavery. The fifth and final theme is the display of liberal and conservative thought. The newspaper coverage, express Canadian liberal and conservative emerged. An analysis of expressions showed in newspaper indicating that thee support for the North or the South included their leadership. Both liberal and conservative Canadian newspaper editors hated the institution of slavery; they understood that Civil War causes different and developed opinions about war. The Globe expressed a pro-Northern bias to criticize Sothern culture and personality while attacking the horror of slave life. Both newspapers never mentioned Union and Confederate leadership. However, on May 2, both newspapers reported ratification of Confederate constitution and Jefferson DavisShow MoreRelatedContemporary Issues in Management Accounting211377 Words   |  846 Pagesworldwide in Oxford New York Auckland Cape Town Dar es Salaam Hong Kong Karachi Kuala Lumpur Madrid Melbourne Mexico City Nairobi New Delhi Shanghai Taipe i Toronto With oYces in Argentina Austria Brazil Chile Czech Republic France Greece Guatemala Hungary Italy Japan Poland Portugal Singapore South Korea Switzerland Thailand Turkey Ukraine Vietnam Oxford is a registered trade mark of Oxford University Press in the UK and in certain other countries Published in the United States by Oxford UniversityRead MoreManaging Information Technology (7th Edition)239873 Words   |  960 Pageson the Next Steps for a VoIP Supplier CASE STUDY I-3 The VoIP Adoption at Butler University CASE STUDY I-4 Supporting Mobile Health Clinics: The Children’s Health Fund of New York City CASE STUDY I-5 Data Governance at InsuraCorp CASE STUDY I-6 H.H. Gregg’s Appliances, Inc.: Deciding on a New Information Technology Platform CASE STUDY I-7 Midsouth Chamber of Commerce (B): Cleaning Up an Information Systems Debacle CASE STUDY II-1 Vendor-Managed Inventory at NIBCO Read MoreExploring Corporate Strategy - Case164366 Words   |  658 Pagesindustry. Manchester United – clash of expectations in the football world. Salvation Army – strategic challenges for a global not-for-profit organisation with a mission. Bayer MS – corporate social responsibility in the international development of a German company. Eurotunnel – clash of cultures threatens to derail Anglo–French rail link. Ryanair – competitive challenge and strategic choice in the budget airline industry. IKEA – quality and low prices at the Swedish furniture giant News Corporation – corporateRead MoreStrategic Marketing Management337596 Words   |  1351 PagesProfessor of Marketing Sheffield Hallam University and Visiting Professor, Northumbria University AMSTERDAM †¢ BOSTON †¢ HEIDELBERG †¢ LONDON †¢ NEW YORK †¢ OXFORD PARIS †¢ SAN DIEGO †¢ SAN FRANCISCO †¢ SINGAPORE †¢ SYDNEY †¢ TOKYO Elsevier Butterworth-Heinemann Linacre House, Jordan Hill, Oxford OX2 8DP 200 Wheeler Road, Burlington, MA 01803 First published 1992 Second edition 1997 Reprinted 1998, 1999, 2001, 2003 Third edition 2005 Copyright  © 1992, 1997, 2005, Richard M.S. Wilson and Colin Gilligan. All

Meetings Parliamentary Procedure and Meeting free essay sample

Types of meeting Meetings come in all shapes and sizes, of course. Here are some types: †¢ chat (informal discussion) with colleagues at the coffee machine. †¢ brainstorming among colleagues: where as many ideas as possible are produced quickly, to be evaluated later. †¢ project meeting / team meeting of employees involved in a particular activity. †¢ department/departmental meeting. †¢ meeting with suppliers, for example to negotiate prices for an order. †¢ meeting with a customer, for example to discuss a contract. †¢ board meeting: an official, formal meeting of a companys directors. †¢ Annual general meeting / AGM (BrE); annual meeting (AmE): where shareholders discuss the companys annual report. †¢ EGM: extraordinary general meeting: a shareholders meeting to discuss an important issue such as a proposed merger. The role of the chairperson Before the meeting A good chairperson has to be a good  organizer. What they do before the meeting is as important as the meeting itself. They should make sure the agenda (the list of things to be discussed) is complete by asking those involved what should be on it and then circulating (distributing) it to everyone concerned. We will write a custom essay sample on Meetings: Parliamentary Procedure and Meeting or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page They should check the venue, making sure the room will be free, without interruptions, until the end of the meeting. During the meeting The chairperson should be a good timekeeper. They should start the meeting on time, without waiting for latecomers. They should appoint a minute-taker to take the minutes, making sure that opinions and action points (where participants agree to do something) are noted. They should make sure each point on the agenda is allocated the time it deserves and should keep to the timetable. When the time allocated to one point is up, the chair should make sure that discussion moves on to the next point, even if the issue has not been completely covered or resolved (decided). The chair should make sure that each participant has the chance to make their point, and should deal tactfully with disagreements, making sure that each side feels their point  of view has been noted. They should also try to avoid digressions, where people get off the point. Finally, they should ensure the meeting finishes on time, or early.