Q 1: Consider the categories of threat in Figure 10-3. Describe the three most s
ID: 458716 • Letter: Q
Question
Q 1: Consider the categories of threat in Figure 10-3. Describe the three most serious threats to each of the following businesses:
a. A neighborhood accounting firm
b. A Dentist's office
c. A Honda dealership
Q 2.Describe a potential technical safeguard for each of the threats you identified in your answer to question 1.
Q 3. Describe a potential data safeguard for each of the threats you identified in your answer to question 1. If no data safeguard is appropriate to a business, explain why.
Q 4. Describe a potential human safeguard for each of the threats you identified in your answer to question 1.
Explanation / Answer
a. For an accounting firm it is important that all data is safe and proper accounting polices are followed in order to prepare the correct set of financials (cash flow statement, income statement and balance sheet). The three most serious threats for a neighborhood accounting firm and the reasons behind them are:
1. Threat from computer crimes in the form of hacking, phishing, from viruses etc. A hacker or a virus can damage the data (and there is a large volume of data that an accounting firm has to deal with).
2. Threat from procedural mistakes like unauthorized data disclosure. This can include unauthorized discussions with third parties about the confidential client information. This may result in loss of faith and trust and eventually may lead to loss of business by the accounting firm.
3. The last threat is the threat arising from denial of service either due to human error or a computer crime. This will again result in loss of faith and trust and eventually may lead to loss of business by the accounting firm.
b. For a dentist's office the three most serious threats and their reasons are:
1. Procedural mistakes, specially in the form of faulty service will bring poor name for the dentist and people will be less willing to come to this dentist.
2. Denial of service by malware attacks, or because of human error will lead to denial of services to patients seeking treatment. This will result in immediate loss of business and in the long run will dilute the dentist's goodwill.
3. Computer crimes like hacking which attempts to steal confidential customer data is another important threat.
c. Honda dealership:
1. loss of infrastruture either due to human error or natural disasters will lead to depletion of resources, reducing the dealership's ability to sell and service Honda's vehicles.
2. Denial of service by malware attacks, or because of human error will lead to denial of services to prospective buyers. This will result in immediate loss of business and in the long run will dilute the dealership's goodwill.
3. Incorrect data modification and procedural mistakes may lead to delay in delivery or servicing of vehicle.
Q2. A potential technical safeguard for the threats identified above is to have a strong internal control process within the concerned organization or office. This will reduce the threat of unauthorized data disclosure and improper data modification. Employees will not be able to modify and/or share data without authorization.
Q3. For safeguarding data, password can be used by an organization. The passwords will allow a person to gain access to a network. This will reduce unauthorized access to data. Documents and files can also be protected in the same manner.
Q4. For human safeguard, having strong internal controls within the organization/office will help. For example, in an accounting firm, a junior accountant will not be able to access the entire set of data related to the client. The junior accountant will have access to only those data on which he/she is working. Any changes or modifications will have to be authorized by his/her senior in the firm.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.