Contact Us
Sign In / Sign Up for FREE
Go to advanced search...

Risk-managemnt policy - Case Study Example

Comments (0) Cite this document
This paper describes a risk-management policy that will be utilized by a large multi-international corporation in addressing the security breaches that have been affecting them in the past. It describes the mitigation strategies that will be utilized by the company in countering…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER97.6% of users find it useful
Risk-managemnt policy
Read TextPreview

Extract of sample "Risk-managemnt policy"

Risk-Management Policy Introduction This paper describes a risk-management policy that will be utilized by a large multi-international corporation in addressing the security breaches that have been affecting them in the past. It describes the mitigation strategies that will be utilized by the company in countering these security risks. The multi-international corporation has encountered several security breaches on their customer’s confidential data and financial assets which are private and normally secured. Their customer’s credit card information was also compromised through an attack that was infiltrated on their network via a vulnerable wireless connection within the organization. Another breach that the organization endured during the course of its operations was an inside job where personal data was stolen. This was achieved through the weak access-control policies that are utilized within the organization which allowed unauthorized individual access to valuable data (Case Study). This paper dwells on ascertaining whether the policy implemented will be effective in ensuring that the customer and organization’s information is adequately secured from future security breaches.
This policy will be important because it will help in restoring the customers confidence in the organization’s handling of their confidential data and financial assets. It is also vital since it provides authority and accountability to specific people concerning the authority of disclosing or sharing the information in the organization. According to Calder, Watkins & Watkins, the organizations governing body has to give powers along with the necessary authority to a system administrator who will be the only person who can access the organization’s data. The security on the organization’s customer’s confidential information will be enforced through the use of passwords which will remain known only to their systems administrator (2010). In addition, the systems administrator within the organization will be solely responsible for disclosing any information to any authorized personnel who may require it. To enhance the data’s security further, the system administrator will be required to utilize several data encryption techniques. This will include encryption techniques like the creation of block ciphers, feistel cipher structures and the utilization of other advanced encryption standards. These techniques will help in ensuring that unauthorized people within the organization cannot interpret the meaning of the data. This will further prevent them from divulging any information concerning their customers to the members of the public (Calder, Watkins & Watkins, 2010).
The Multi-international organization will have to employ a competent network administrator who will be solely responsible of ensuring that the network is secured from external intruders. This will help in preventing any unauthorized damage and access that the organization’s computers may encounter. The Network administrator may apply some of the common wireless security features which include the Wireless Equivalent on Privacy (WEP) along with the Wi-Fi Protected Network Access features (WPA). There are various standards of the two technologies in the market that can be adopted by the organization in improving their network’s security. The network administrator will be required to configure all access points within the organization’s network with restrictions to ensure that no unauthorized parties get accessibility to their data (Jones & Ashenden, 2005). This will further be enforced through the use of several encryption standards along with checks on the MAC addresses that are accessing the organization’s network. According to Jones & Ashenden, the creation of privileged networks for use only by the organization’s personnel will also be vital in ensuring the information concerning the organization’s customers is secure (2005). In addition to the above measures, the organization’s network administrator can implement the newly introduced Wireless Intrusion Prevention Systems (WIPS). It is widely utilized for the purpose of countering the security risks that an organization’s network may encounter. This system could be utilized in line with other security measures that include network firewalls and passwords for accessing their systems (Jones & Ashenden, 2005).
The paper examined the security risks that have been affecting the security of the multi-international organization’s information concerning their customers. The solutions suggested to the problems will be very effective in ensuring the organization’s network and information are well protected from intruders who may be having malicious intentions. The organization’s staff will have to comply with the standards of conduct required of them to ensure no information concerning their customers is divulged to unauthorized parties (Calder, Watkins & Watkins, 2010).

Calder, A., Watkins, S., & Watkins, S. G. (2010). Information Security Risk Management For ISO27001/ISO27002. London: IT Governance Ltd.
Jones A., & Ashenden, D. (2005). Risk Management for Computer Security: Protecting Your Network & Information Assets. New York: Butterworth-Heinemann. Read More
Cite this document
  • APA
  • MLA
(“Risk-managemnt policy Case Study Example | Topics and Well Written Essays - 500 words”, n.d.)
Risk-managemnt policy Case Study Example | Topics and Well Written Essays - 500 words. Retrieved from
(Risk-Managemnt Policy Case Study Example | Topics and Well Written Essays - 500 Words)
Risk-Managemnt Policy Case Study Example | Topics and Well Written Essays - 500 Words.
“Risk-Managemnt Policy Case Study Example | Topics and Well Written Essays - 500 Words”, n.d.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Risk-managemnt policy

Marketing Managemnt

...? Marketing Management inserts his/her Inserts Word Count: 3,000 words Marketing management has gained increasing importance in recent years owing to the notion of globalization and internationalization which has given way to the boundary-less movement of goods and services. Marketing for products that are sold across various cultures, languages, tastes, demographics and external conditions is no longer a simplistic job- it requires adequate and periodic management so that the product achieves a strategic fit with the diverse external environment. No longer can marketers focus their efforts on just the four P’s (product, price, promotion, place)- they have come to realize the blooming significance of 4C’s; Consumer (as opposed... Marketing...
12 Pages(3000 words)Assignment

Managemnt strategy

...& obesity matters. Currency risk with foreign branches Over-reliance on the US branch for revenue could be affected more if the rescission hits the US economy again. Competitive Position From the pointers indicated above, the two companies thrive through different focuses and means. KFC thrives through its focus on chicken and the different brands that they sell to consumers. McDonalds on the other relies more on its corporate systems and structures. Both companies are threatened by a highly competitive system in which numerous competitors and substitutes operate. Also, their international agenda is prone to international risks like cultural challenges as well as currency risks....
13 Pages(3250 words)Essay

A Risk Management Policy

...? A Risk Management Policy Given that one has just been hired as an information security engineer for a large multi-international corporation. Unfortunately the company has suffered from multiple security breaches that have threaten the public's trust that their confidential data and financial assets are private and secured. Credit card information was compromised by an attacked who infiltrated the network through a vulnerable wireless connection within the organization and the other breach was an inside job, where personal data was stolen because of weak access control policies within the organization which allowed an unauthorized individual access to valuable data. The job requirement...
3 Pages(750 words)Essay

Strategic Managemnt

...? Analysis of the Fashion UK retailing industry I. PESTEL Analysis a. Political factor The lifting of the two trade barriers known as Multifbre Agreement (MFA, 1974 to 1994) and the Agreement on Textile and Clothing (1995 to 2004) had the effect of textile products coming from other countries to be no longer constrained by trade restrictions. Retailers can now freely bought in products from anywhere in the world without being subjected to trade quota (Marouani 2009). This has dramatically changed the competitive landscape in the UK fashion retailing industry due to the intensified competition brought by foreign textiles either as a retailer or as an outsource material. b. Economic factor The effect of the recent financial crisis... Analysis...
8 Pages(2000 words)Essay

Risk Management Policy (NHS) expenditure is lost due to fraud and over charging (Lexisnexis, 2007). This paper analyzes the risk management policy of a company in the healthcare industry called NHS Greater Glasgow. The focus of the analysis is on the impact of the risk management policy on the managerial team and regular staff of employees. Risk management is taken very seriously at NHS Greater Glasgow. For this company the risk management function is an effort that is accomplished by the cooperation of all the employees working for the firm. The current risk management policy in place in this company was establish in...
2 Pages(500 words)Essay

Business Informaton Managemnt BIM)

...New Information and Communication Technology (NICT) has made dramatic changes in the contemporary society and economy and has either directly or indirectly affected businesses across the spectrum. The internet in particular, which can be loosely defined as the world-wide interconnected network of computer networks (Strydom 2004), has brought about sweeping changes in ways organisations conduct business that can be advantageous to both existing and new organisations if properly harnessed. Basically, the power of the internet lies in its ability to provide an easy to use communication channel to various individuals and corporations, information on almost every subject is readily available and it facilitates the conducting of various...
7 Pages(1750 words)Essay

Strategic Supply Chain Managemnt

...system relies on manual procurement through local market suppliers and vendors. Materials Handling Materials handling mostly involves safety for workers by having strict policies in place about issues of box opening with safety razors and other important safety steps. None of the materials ordered for the pub are really considered hazardous, so manual handling just involves staff members observing policy for safety. A check-list inventory is used during the handling process of incoming merchandise to ensure it meets with the electronic copy of the purchasing agreement or contract. Goose at the Garden installed a rather inexpensive, yet efficient electronic system to monitor and control their inventory...
2 Pages(500 words)Essay

Strategic Supply Chain Managemnt

...of information systems has enormously supported the SCM of many organizations. Automated inventory control and customer information systems have helped the organizations substantially in the process of decision making concerning the SCM of the organization. These information systems helps organizations in reducing several factors which results into the additional costs and delays in the delivery times. These factors also include the inventory level which has to be optimized with the demand of the market. Other associated benefit of the information system in SCM is that it reduces the level of risk which is associated with the uncertainty of the market place and determines the satisfaction level of...
13 Pages(3250 words)Essay

International Human Resources Managemnt develop consistent policies across all nations they are still at a very initial level. Therefore, there is a dire need for having unique HRM policies and strategies for every state in which the business is operating (Caluwe 2000). In this situation the real question arises when there has to be a balanced developed between an integrated HRM practice across border and at the same time keeping consideration of the local perspective. Organizations need to spread their competent policies to other sides of the business. This means that if there is an effective strategy in place at the home ranch it has to be introduced in other nations too for competitive advantage. Hurdles Faced As...
13 Pages(3250 words)Essay

Nursing managemnt

...Nursing Management The essay aims to address a two-fold objective to wit to summarize the article; and (2) to explain the impact on organization in terms of financial, personnel, patient care, the reputation of the hospital, and legal ramifications. Nursing Management Summary of the Article Parker, Paine & Parker (2011) authored the article entitled “Establishing an Analytical Framework in Law and Bioethics for Nurses Engaged in the Provision of Palliative Sedation” to address the ethical and legal issues that nurses need to understand and to draw a clear distinction between palliative sedation, voluntary euthanasia, and physician-assisted death (p. 58). As a health professional, nurses often find themselves in an ethical... Management The ...
2 Pages(500 words)Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Case Study on topic Risk-managemnt policy for FREE!

Contact Us