Question #4 - IT General Controls (20 marks)
Nod Nocturnal Security Service's service requires a blend of various IT General
Controls, if it wants to leverage its MIS to help with the competitive strategies.
Out of physical, access, and communications controls, thoroughly describe how
access controls plus three other specific controls would be crucial to the
company's success. You can use this to support various competitive strategies or
company operations in general. Be specific as to how the controls would mitigate
risk (or how an absence would expose the company to significant risk). (5 marks
for each control - 20 marks in total)
, Answer :
The following controls would be crucial to the company's success:
1) Access controls:
Access controls would be crucial to the company's success in order to ensure that
only authorized personnel have access to the company's MIS and to prevent
unauthorized access that could lead to data breaches.
Access controls are the set of rules that determines who can access a resource
and what operations they can perform on it. Access controls are crucial to the
company's success because they help protect valuable information.
The first step to implementing access controls is to identify all the resources in
your organization and then classify them based on their value. You must also
assign a classification level, or clearance, to each resource. The clearance level
determines who can access the resource, what operations they can perform on it,
and how often they can do so.
The next step is to create an access control list (ACL) for each resource that
specifies which users have which permissions for that resource. For example, an
ACL might specify that only administrators may create new files in a particular
directory but any user may read those files once created.
Nod Nocturnal Security Service's service requires a blend of various IT General
Controls, if it wants to leverage its MIS to help with the competitive strategies.
Out of physical, access, and communications controls, thoroughly describe how
access controls plus three other specific controls would be crucial to the
company's success. You can use this to support various competitive strategies or
company operations in general. Be specific as to how the controls would mitigate
risk (or how an absence would expose the company to significant risk). (5 marks
for each control - 20 marks in total)
, Answer :
The following controls would be crucial to the company's success:
1) Access controls:
Access controls would be crucial to the company's success in order to ensure that
only authorized personnel have access to the company's MIS and to prevent
unauthorized access that could lead to data breaches.
Access controls are the set of rules that determines who can access a resource
and what operations they can perform on it. Access controls are crucial to the
company's success because they help protect valuable information.
The first step to implementing access controls is to identify all the resources in
your organization and then classify them based on their value. You must also
assign a classification level, or clearance, to each resource. The clearance level
determines who can access the resource, what operations they can perform on it,
and how often they can do so.
The next step is to create an access control list (ACL) for each resource that
specifies which users have which permissions for that resource. For example, an
ACL might specify that only administrators may create new files in a particular
directory but any user may read those files once created.
