Discussion on IT Security Risk Assessment for Manufacturing Company complete Solution

Question: #408

You are the CFO of a midsized manufacturing firm. You have heard nothing but positive comments about the new CIO you hired three months ago. As you watch her outline what needs to be done to improve the firm’s computer security, you are impressed with her energy, enthusiasm, and presentation skills. However, your jaw drops when she states that the total cost of the computer security improvements will be $300,000. This seems
like a lot of money for security, given that your firm has had no major incident. Several other items in the budget will either have to be dropped or trimmed back to accommodate this project. In addition, the $300,000 is above your spending authorization and will require approval by the CEO. This will force you to defend the expenditure, and you are not sure how to do this. You wonder if this much spending on security is really required.
How can you sort out what really needs to be done without appearing to be micromana-ging or discouraging the new CIO?

Read “What would you do?” #5 on page 120 of the text. Put yourself in the CIO position. Write a 2 – 3 page paper formulating a risk assessment plan that you think would justify a $300,000 investment even though your firm has never had a major incident.

Your paper should include the following:

Consider all the data that must be secure.
What types of data are at risk?
Research IT security threats and risks.
Research risk assessment templates and tools.

Your paper must follow these guidelines:

Double-spaced
12 point Times font
1 inch margins
Quotes over 3 lines, Reference page, and title page do not count in page total At least 3 references used (textbook and two Internet resources) APA format (title page, citations, Reference page) Correct spelling, grammar, and punctuation

Solution: #428

Discussion on IT Security Risk Assessment for Manufacturing Company complete Solution

In today’s real world, it has become a tough time for Companies, where it has been difficult for Companies to define the IT security where IT operations has been essential to every department. IT security measures have become concerns in most of the companies or organizations irrespective of their business domain.
I designated as a ‘CIO’ in a manufacturing company where i found that there are many things which need to be protect against any threat. ...