Review Questions (1 to 2 paragraphs on each question)
Exercises (1 to 2 paragraphs on each questions)
Please answer all of them if you can and know.I found some here,but i would like new ones. Thank you!
Answer:
Top-down strategic planning involves high-level managers providing resources and giving directions. Directors issue policies, procedures, and processes and dictate the goals and expected outcomes of the project, as well as determine who is accountable for each of the required actions. In top-down planning, managers give directions on how projects should be handled, while in bottom-up planning, system administrators give directions on how projects should be handled. Of the two, top-down planning is the more effective security strategy, because it encompasses critical features such as coordination between departments, coordinated plans from top management, provision of sufficient resources, and support from end users.
What is the primary objective of the SecSDLC? What are its major steps, and what are the major objectives of each step?
The primary objective of the SecSDLC is the identification of
specific threats and the risks that they represent, and the
subsequent design and implementation of specific controls to
counter those threats and assist in the management of the risk. The
major steps and their objectives are:
• Investigation—Beginning with a directive from upper management
specifying the process, outcomes, and goals of the project as well
as its budget and other constraints, investigation involves
validating the directive and the affirmation or creation of
security policies on which the organization's security program is
or will be founded.
• Analysis—The documents from the investigation phase are
studied.
• Logical design—The team members create and develop the blueprint
for security, and examine and implement key policies that influence
later decisions.
• Physical design—Team members evaluate the technology needed to
support the security blueprint, generate alternative solutions, and
agree upon a final decision.
• Implementation—The security solutions are acquired, tested,
implemented, and tested again.
• Maintenance—Information systems are constantly monitored, tested,
modified, updated, and repaired. This is the most important
phase.
What questions might be asked to help identify and classify information assets? Which is the most useful question in the list
Which information asset is the most critical to the success of the organization? Which information asset generates the most revenue?Which information asset has the highest profitability?Which information asset would be the most expensive to replace?Which information asset would be the most expensive to protect?
What are the three categories of information security controls? How is each used to reduce risk for the organization?
Answer: Managerial Controls – covers strategic planning Operational Controls – covers operational planning Technical Controls – covers tactical planning
Review Questions (1 to 2 paragraphs on each question) Describe top-down strategic planning. How does it...
1) READ THE ARTICLE TO GIVE YOU MORE INFORMATION TO BASE YOUR COMMENTS ON: Strategic Planning (in nonprofit or for-profit organizations) Written by Carter McNamara, MBA, PhD, Authenticity Consulting, LLC, experts in strategic planning. Copyright 1997-2008. Adapted from the Field Guide to Nonprofit Strategic Planning and Facilitation. Simply put, strategic planning determines where an organization is going over the next year or more, how it's going to get there and how it'll know if it got there or not. The...
Chapter 2 Question # 1 list and Describe each step in the strategic planning process? Question # 6 What are some advantages and disadvantages of using a scoring model for selecting projects? Question # 11 What purpose do sensitivity analyses serve in using scoring models to choose projects? Question # 15 Name five things that may be negotiated between a client company and a contractor company? Chapter 3. Question # 2 Describe what an effective chapter should accomplish? Question #...
Please choose 5 questions from 20 and answer them. 1. How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it? 2. Where can a security administrator find information on established security frameworks? 3. What is the ISO 27000 series of standards? Which individual standards make up the series? 4. What are the issues associated with adopting a formal framework or model? 5....
Class: Marketing Management Mission and Vision play a major role in the strategic planning process. Basic questions about our business need to be confirmed (see chapter two). The mission statement provides information about the special purpose of the firm, its opportunities, and direction. A vision looks beyond the mission to envision a future; it provides added challenge and creative tension for the firm. Search for information about Starbucks. (A supplemental video is included in the Content area) and then answer...
Question 18 (1 point) Scenario: Elaine has always written papers. Now, as part of her first job, she has to plan documents. Her very first assignment is to design an in-house brochure on recycling. She realizes that the biggest difference between writing papers in school and planning documents in the workplace involves the audience. As part of her overall planning strategy she decides to write a brief online survey. She decides to ask a technical question: "Do you know what...
Forrester, NMSU, Exante Financial Services, and Others: Getting Real about Strategic Planning It must be nice to be the CIO of a FedEx, or a GE, or a Credit Suisse, where IT and the business are so tightly aligned you can barely tell the two apart. In such companies, corporate leaders understand that IT is a strategic asset and support it as such. These are places where the CIO is encouraged to spend the majority of his time on the...
2. Short answer questions (5 scores for each question, 20 scores in total) (1) Write down the local stability checking formula of solid web axial compression member. When the local stability of column web does not meet the requirements, what measures should be taken? (2) When calculating the global stability of lattice axial compression members suffering from bending about the imaginary axis, why is the equivalent slenderness ratio used? (3) Briefly describe the cross-sectional selection principle of axially loaded members:...
Explain what enterprise resource planning (ERP) systems. Outline several of their key characteristics. Describe in reasonable detail how a company leverages an ERP system and how its operations are improved after installing an ERP system like SAP. Explain how a supply chain management system helps an organization make its operations more efficient What is Upstream and Downstream management of the supply chain? Explain the concept of “Supply Network”, its benefits, and how technology made this concept available Explain the difference...
Question 1 For each of the following sub-questions, select the best answer. Each correct answer is worth two marks. 1. Neither Chile nor Peru has a mass-market café culture, but this fact has not stopped Starbucks from trying to determine what can be done to make its coffee houses successful in those markets. By recognizing that people in these two South American countries do not drink coffee as people in the United States do and that it needs to change...
PLEASE I NEED HELP!!! Case One: UConn’s University Information Technology Services (UITS) Develops a Five-Year Strategic Plan The University of Connecticut was founded in 1881 under the name Storrs Agricultural School. As the name implies, the school was originally focused solely on agricultural studies. In 1893, the school became part of the national land-grant college program, which provided land and funding to one college in each state whose focus was on teaching practical skills in agriculture, engineering, military arts, and...