How can a firm's security policies contribute and relate to the six main busine
Question
How can a firm's security policies contribute and relate to the six main business objectives? Give examples. Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why? Why is software quality important to security? What specific steps can an organization take to ensure software quality? Hackers and their companion viruses are an increasing problem, especially on the Internet. What are the most important measures for a firm to take to protect itself from this? Is full protection feasible? Why or why not?
Explanation / Answer
How can a firm's security policies contribute and relate to the six main business objectives? Give examples
Answer:
In order to protect assets, a security policy consists of ranking information risks, identifying security goals, and identifying mechanisms to achieve. The security policy drives policies determining who is able to use the firm’s information resources; security policy also includes provisions for identity management, which identifies the valid user of a system and controls their access to those resources. Thereby, a firm’s security policy could affect its six main business objectives as below:
Operational excellence
Businesses consistently seek improvements in their operations through information technology so as to achieve higher profits. An ideal security policy could lower threats both internally and externally. Internally, it could ensure that the right resources are assigned to the right people; externally, it could reduce the risk of attacks such as hacking (altering and stealing) that could damage a firm's reputation as well as cost a great deal of money. In the current business structure, information security is one of the critical elements that have to be planned and executed thoroughly.
New products, services, and business models
Information systems are enabling businesses to create new products, services, and business models. A better security policy could keep a firm's new ideas in-house. For example, Apple used to have great security against product leaks, so that it created more expectation when it revealed its products. However, bad security resulted in leaks of new products or services, so that they don't trigger a large echo on the market anymore.
Consumer/Supplier intimacy
When a business knows its customers well, the chances of success are often greater; when a business engages more with its suppliers, the relationship is cultivated. Good security in the firm could create that extra mile in a relationship. For example, customers and suppliers are more likely to do business with firms that secure their information and use it appropriately.
Improved decision-making
When running a business, it is critical to have an information system that provides the right information at the right time, leading to better decisions. Enhancing system security could tighten the information distributed to the different levels of management. For instance, the CEO may require comprehensive information across departments, whereas sales managers are restricted to only the information that's relevant and useful, so that they can concentrate on the core information.
Competitive advantages
In order to achieve competitive advantage, a firm needs to do things better than its competitors. A stricter system security policy can protect a firm’s tangible or intangible assets by controlling the amount of permission given to different people. Therefore, less abuse of resources could make the firm operate more efficiently and gain extra competitive advantages.
Survival
New laws and regulations make keeping your security system up to date a matter of survival. Inadequate security and control may result in serious legal liability. Firms have been destroyed by errors in security policies.
Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why?
Answer:
Disaster might be the most difficult because it is unexpected, broad-based, and frequently life threatening. In addition, the company cannot know if the disaster plan will work until a disaster occurs, and then it's too late to make corrections. Security might be the most difficult because it is an ongoing problem, new viruses are devised constantly, and hackers get smarter every day. Furthermore, damage done by a trusted employee from inside cannot be obviated by system security measures. Human error might be most difficult because it isn't caught until too late, and the consequences may be disastrous. Also, an administrative error can occur at any level and through any operation or procedure in the company.
Why is software quality important to security? What specific steps can an organization take to ensure software quality?
Answer:
Software errors pose a constant threat to information systems, causing untold losses in productivity. Growing complexity and size of software programs, coupled with demands for timely delivery to markets, have contributed to an increase in software flaws or vulnerabilities. A major problem with software is the presence of hidden bugs or program code defects. Studies have shown that it is virtually impossible to eliminate all bugs from large programs. Flaws in commercial software not only impede performance but also create security vulnerabilities that open networks to intruders. To correct software flaws once they are identified, the software vendor creates small pieces of software called patches to repair the flaws without disturbing the proper operation of the software. Organizations must maintain best efforts to both make sure purchased software is up to date and make sure their own software and programming is as bug-free as possible by employing software metrics and rigorous software testing. Ongoing use of metrics allows the information systems department and end users to jointly measure the performance of the system and identify problems as they occur. Examples of software metrics include the number of transactions that can be processed in a specified unit of time, online response time, the number of payroll checks printed per hour, and the number of known bugs per hundred lines of program code. For metrics to be successful, they must be carefully designed, formal, objective, and used consistently. Early, regular, and thorough testing will contribute significantly to system quality. Good testing begins before a software program is even written by using a walkthrough: a review of a specification or design document by a small group of people carefully selected based on the skills needed for the particular objectives being tested. Once developers start writing software programs, coding walkthroughs also can be used to review program code.
However, code must be tested by computer runs. When errors are discovered, the source is found and eliminated through a process called debugging.
Hackers and their companion viruses are an increasing problem, especially on the Internet. What are the most important measures for a firm to take to protect itself from this? Is full protection feasible? Why or why not?
Answer:
For protection, a company must institute good security measures, which will include firewalls, investigation of personnel to be hired, physical and software security and controls, antivirus software, and internal education measures. These measures are best put in place at the time the system is designed, and careful attention paid to them. A prudent company will engage in disaster protection measures, frequent updating of security software, and frequent auditing of all security measures and of all data upon which the company depends. Full protection may not be feasible in light of the time and expenses involved, but a risk analysis can provide insights into which areas are most important and vulnerable. These are the areas to protect first.