Question
Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook ( Appendix A ), the initial step in a regulatory Information Technology
Project 13.3: Assessing Risk Management According to the FFIEC Information Security InfoBase Handbook ( Appendix A ), the initial step in a regulatory Information Technology Examination is to interview management and review examination information to identify changes to the technology infrastructure, new products and services, or organizational structure.
1. Explain how changes in network topology, system configuration, or business processes might increase the institutions information securityrelated risk. Provide examples.
2. Explain how new products or services delivered to either internal or external users might increase the institutions might increase the institutions information securityrelated risk. Provide examples.
3. Explain how loss or addition of key personnel, key management changes, or internal reorganizations might increase the institutions information securityrelated risk. Provide examples.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Object Databases The Essentials
Authors: Mary E. S. Loomis
1st Edition
020156341X, 978-0201563412
