Categories
Writers Solution

Information Technology (IT) promotes

Write a research paper that explains how Information Technology (IT) promotes getting people who are affected by policies involved in the policy-making process. Cite specific examples. 

Remember that this paper, including the list of sources, must be in APA format, and MUST cite references in the body of the paper using APA in-text citation format. A source is any paper or article that you will reference in your paper.

Requirements:

  • 2 peer reviewed resources (articles or papers) (1 may be from your annotated bibliography assignment)
  • Cited sources must directly support your paper (i.e. not incidental references)
  • At least 500 words in length (but NOT longer than 1000 words)

If you are not sure how to identify peer reviewed papers or articles, please visit the following resources:

http://libguides.gwu.edu/education/peer-reviewed-articles

APA formatting guidelines:

Categories
Writers Solution

What do you feel are the two most important technologies that allow organizations to have, live, and exist in an Information Age?

In 175 words or more. What do you feel are the two most important technologies that allow organizations to have, live, and exist in an Information Age? What are the advantages we have today that we did not have 10 and 20 years ago? 

Categories
Writers Solution

Chief information technology (IT) security officer for the Quality Medical Company (QMC)

PKI and Encryption at Work

Learning Objectives and Outcomes

  • Develop a plan to deploy public key infrastructure (PKI) and encryption solutions to protect data and information.

Assignment Requirements

In this assignment, you play the role of chief information technology (IT) security officer for the Quality Medical Company (QMC). QMC is a publicly traded company operating in the pharmaceutical industry.

QMC is expanding its arena of work through an increase in the number of clients and products. The senior management of the company is highly concerned about complying with the multitude of legislative and regulatory laws and issues in place. The company has an internal compliance and risk management team to take care of all the compliance-related issues. The company needs to make important decisions about the bulk of resources they will need to meet the voluminous compliance requirements arising from the multidimensional challenge of expansion.

QMC will be required to conform to the following compliance issues:

  • Public-company regulations, such as the Sarbanes-Oxley (SOX) Act
  • Regulations affecting financial companies, companies that make loans and charge interest, such as the U.S. Securities and Exchange Commission (SEC) rules and Gramm-Leach-Bliley Act (GLBA)
  • Regulations affecting healthcare privacy information, such as Health Insurance Portability and Accountability Act (HIPAA)
  • Intellectual Property Law that is important for information asset protection particularly for organizations in the pharmaceutical and technology industry
  • Regulations affecting the privacy of information, including personal identification information, such as personally identifiable information (PII) regularly collected from employees, customers, and end users
  • Corporate governance policies including disclosures to the board of directors and the auditors and the policies related to human resources, governance, harassment, code of conduct, and ethics

Compliance with regulatory requirements implies encrypting sensitive data at rest (DAR) and allowing access to role-holders in the enterprise who require the access. It also implies that sensitive data in motion (DIM) or data that is being communicated via e-mail, instant message (IM), or even Web e-mail must be suitably protected and sent only to the individuals who have a right to view it. The company is conscious about the loss they may face in terms of penalty and brand damage if they fail to abide by the compliance laws, especially in the online information transfer phase. Therefore, as a dedicated employee, your task is to develop a content monitoring strategy using PKI as a potential solution. You will need to determine a process or method to identify multiple data types, processes, and organizational policies. Incorporate them into a plan, and select a PKI solution that will effectively address the content management needs of your company.

You need to present your PKI solution in the form of a professional report to the senior management.

Required Resources

None

Submission Requirements

  • Format: Microsoft Word
  • Font: Arial, 12-Point, Double-Space
  • Citation Style: APA
  • Length: 1–2 pages

Self-Assessment Checklist

Use the following checklist to support your work on the assignment:

  • I have identified specific data types related to the specific compliance regulatory requirements.
  • I have indicated a solution for sharing data beyond the borders of the organization.
  • I have appropriately selected and developed a PKI solution for content control.
  • I have followed the submission requirements.
Categories
Writers Solution

Chief Information Officer (CIO)

You are part of a team selected by the Chief Information Officer (CIO) to perform a security audit for one of the companies explored in this course. 

  • Vampire Legends (Week 1)
  • Cruisin’ Fusion (Weeks 2- 3)
  • Devil’s Canyon (Weeks 4 – 5)

Create a 10- to 12-slide presentation (not including the title and reference slides) that shows the results of your security audit based on the following audit process:

  • Potential Risk to be Reviewed:Describe the risk.
  • Example: Viruses and malware can negatively impact the confidentiality, integrity, and availability of organizational data.
  • Regulation and Compliance Issues:Analyze how regulations and compliance issues could impact the organization.
  • Provide a detailed analysis of regulations and compliance issues, beyond the simple explanation in score point two.
  • Regulation and Compliance Resources and Tools: Analyze what resources and/or tools are available to address regulations and compliance issues.
  • Describe the control objective and the specific controls you will evaluate to determine potential risk is mitigated. Please note that typically, there will be more than one control that should be reviewed for a potential risk.
  • Example: Determine whether anti-virus software is in use.
  • Example: Determine whether virus signatures are periodically updated.
  • Example: Determine whether periodic virus scans are performed.
  • Provide a detailed analysis of the resources and/or tools available, beyond the simple explanation in score point two.
  • IT Security – Processes and Methods: Differentiate between the various processes and methods involved in management of IT security resources.
  • Review the various options available to address those processes and methods previously explained, and which ones might be feasible.
  • IT Security – Measures: Analyze the various security measures that could be taken within the organization.
  • Demonstrate a detailed understanding of what the alternatives are to approach security, how much security is needed, different methods to employ, etc.
  • Describe the criteria/measures that you will use to evaluate the adequacy of each area/review step that you review (i.e., what criteria will you use to perform your evaluation/how will you determine that the risk has been mitigated to an acceptable level).
  • Example: 100% of servers and PCs have virus software installed.
  • Example: 100% of the virus software installed is set to automatically update, including virus signatures.
  • Example: 100% of the virus software installed is set to automatically perform a scan at least weekly.

Include a 1/2- to 1-page executive summary to support your presentation. Include appropriate references.