Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management.

Published byAnabel Kelley Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management."— Presentation transcript:

1 Chapter 15 Managing Information

2 Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management

3 Chief Information Officer Align technology with business strategy Implement state-of-art solutions Provide and improve information access

4 Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management

5 IS Department and End Users Let them sink or swim (do nothing or educating) Use the stick (policies and procedures) –Steering committee Use carrot ( incentives) Offer support –Information center –Help desk

6 Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management

7 Control and Security Logical control Physical control Data control Communication control Administration control Application control

8 Physical Control Location (traffic) Security (lock) Environmental (air) Fire Power

9 Logical Control Photo Fingerprints Voice Eye Signature Password

10 Data Control Minimal privilege Minimal exposure

11 Communication Control Firewall Decryption Encryption Private & public key

12 Administrative Control Policy Procedure Hardware Software Employee Data

13 Application Control Input control Processing control Output control

14 Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management

15 Contingency Mgmt NOT disaster recovery –Reactive, not proactive Worst case scenario –All our eggs in one basket –Natural disaster –Human error / sabotage

16 Contingency Mgmt. Methods Disaster Recovery firm –Outsource strategic function? Off-line storage Data redundancy –Replicated databases –Fragmented databases

17 Contingency Methods Back-up power generators “What if” scenarios –Military war games Scaled-down manual system Back-up / recovery procedures

18 Contingency Methods Parallel systems Processing backup facility –Cold, warm, hot site

19 Cardinal Health Redundant systems for critical order processing Redundant WAN trunks System data backed up daily –Backup media kept off-site Backup replica site –Different part of country –Switched on within 30 minutes

20 Points to Remember Chief Information Officer IS Department and End Users Control & Security Contingency Management

21 Discussion Questions What types of control do you have implemented in your organization? Tell us a Contingency Management war story –What happened? –How did the firm recover? –How could the situation have been Averted? Mitigated?

22 Assignment Review chapters 8-14 Exam 2 Group assignment Research paper & presentation

Download ppt "Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management."

Similar presentations

IT Service Continuity Management

IT Service Continuity Management
Disaster Recovery Plan By Chanrithy Pol ESA Regional Information System Analyst ITIL Certified / Certified Microsoft Solution Expert Share Point / Infrastructure.

Disaster Recovery Plan By Chanrithy Pol ESA Regional Information System Analyst ITIL Certified / Certified Microsoft Solution Expert Share Point / Infrastructure.
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Information Systems Audit Program (cont.). PHYSICAL SECURITY CONTROLS.

Information Systems Audit Program (cont.). PHYSICAL SECURITY CONTROLS.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
DISASTER CENTER Study Case DEMIRBANK ROMANIA “Piata Financiara” ConferenceJanuary 29, 2002 C 2002.

DISASTER CENTER Study Case DEMIRBANK ROMANIA “Piata Financiara” ConferenceJanuary 29, 2002 C 2002.
“Your On-Call Source for Technology Solutions”. Our Mission We help our clients make the right Technology decisions for their business We help our clients.

“Your On-Call Source for Technology Solutions”. Our Mission We help our clients make the right Technology decisions for their business We help our clients.
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.

Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
Managing IT Operations Dr. Merle P. Martin MIS Department CSU Sacramento.

Managing IT Operations Dr. Merle P. Martin MIS Department CSU Sacramento.
Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.

Chapter 9 - Control in Computerized Environment ATG 383 – Spring 2002.
Chapter 12 Strategies for Managing the Technology Infrastructure.

Chapter 12 Strategies for Managing the Technology Infrastructure.
Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.

Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 16: Physical and Infrastructure Security.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 16: Physical and Infrastructure Security.
Chapter 10 Managing the Delivery of Information Services.

Chapter 10 Managing the Delivery of Information Services.
Concepts of Database Management Seventh Edition

Concepts of Database Management Seventh Edition
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Chapter 19 Security.

Chapter 19 Security.
Saving Your Business from a Data Loss Randy Clark.

Saving Your Business from a Data Loss Randy Clark.

Similar presentations

Ads by Google