Question
You are an IT auditor trainee at an auditing firm. Cooper & Kumar, a large, publicly traded financial investment firm, is a client. Cooper &
You are an IT auditor trainee at an auditing firm. Cooper & Kumar, a large, publicly traded financial investment firm, is a client. Cooper & Kumar has 25 sites across the region, 2,000 staff members, and thousands of clients.
You recently assessed the companys overall security policy and related documents. One area that was lacking was a description of security controls that apply to data connections from outside the internal network, such as when clients access their investment accounts. Nina, your manager, suggests that you consult the latest versions of NIST SP 800-53 and NIST SP 800-53A as your primary resources to identify relevant controls and assessment objectives.
For this assignment:
Conduct research on applicable security controls and assessment objectives as described in NIST SP 800-53 and NIST SP 800-53a. For example, consider remote access, session termination, and transmission confidentiality and integrity.
Draft a memo to your manager regarding three different security controls that are applicable to the scenario, as well as related assessment objectives as stated in NIST SP 800-53a
Cite your research properly.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Financial Reporting The Theoretical And Regulatory Framework
Authors: D A V I D Alexander
2nd Edition
0412357909, 978-0412357909
