Question
Ms. Meltem, a senior market-stock trader, was hired by a rival corporate finance company (CCC-Co) after leaving a corporate finance company (CBC-Co). Shortly thereafter, CBC-Co
Ms. Meltem, a senior market-stock trader, was hired by a rival corporate finance company (CCC-Co) after leaving a corporate finance company (CBC-Co). Shortly thereafter, CBC-Co lost two of its major customers, who said they switched to a rival firm; furthermore, personal data files were seen to have mysteriously disappeared from the company's database. In addition, a year-end recommendation prepared by Ms. Meltem was released by the rival brokerage firm two weeks early and shared with its corporate customers. The security policy currently implemented at CBC-Co includes: "In case the employee leaves the job, the employees will hand over their laptops, disks and all kinds of materials and will not take any hardware or software with them when they leave the office.
" a) Write down three information security risks for CBC-Co, depending on the scenario and situation described. State how these risks might affect C, I and A. Make an assessment for the implications of risks, using an approach similar to what we saw in the class.
b) How should CBC-Co make a change in its current policy in order to avoid situations similar to the scenario given above?
c) What kinds of technical and non-technical controls can CBC-Co apply in order to avoid situations similar to the scenario given above? Evaluate the efficiencies of each of them.
Ms. Meltem, a senior market-stock trader, was hired by a rival corporate finance company (CCC-Co) after leaving a corporate finance company (CBC-Co). Shortly thereafter, CBC-Co lost two of its major customers, who said they switched to a rival firm; furthermore, personal data files were seen to have mysteriously disappeared from the company's database. In addition, a year-end recommendation prepared by Ms. Meltem was released by the rival brokerage firm two weeks early and shared with its corporate customers. The security policy currently implemented at CBC-Co includes: "In case the employee leaves the job, the employees will hand over their laptops, disks and all kinds of materials and will not take any hardware or software with them when they leave the office." a) Write down three information security risks for CBC-Co, depending on the scenario and situation described. State how these risks might affect C, I and A. Make an assessment for the implications of risks, using an approach similar to what we saw in the class. b) How should CBC-Co make a change in its current policy in order to avoid situations similar to the scenario given above? c) What kinds of technical and non-technical controls can CBC-Co apply in order to avoid situations similar to the scenario given above? Evaluate the efficiencies of each of themStep by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Contemporary Auditing
Authors: Michael C. Knapp
9th Edition
1133731244, 9781133731245
