Take on the role of Risk Management Analyst for Capital One Finance.
Using the attached Segregation of Duties Matrix, create a 6- to 8-page Security Risk Mitigation Plan for Capital One Finance.
Research and include the following:
· Refer to additional resources below and attached, and the grading rubric.
· Security Risk Mitigation Plan:
· Select and document security policies and controls.
· Provide authentication recommendations.
· Document administrator roles and responsibilities.
· Document user roles and responsibilities.
· Determine authentication strategy.
· Determine intrusion prevention and detection strategy.
· Determine virus detection strategies and protection.
· Create auditing policies and procedures.
· Recommend an education plan for employees on security protocols and appropriate use.
· Provide recommendations for managing identified risk:
  · Avoidance
  · Transference
  · Mitigation
  · Acceptance
· Address change management/version control.
· Outline acceptable use of organizational assets and data.
· Present employee policies (separation of duties/training).
· Incident response process:
  · Preparation
  · Detection
  · Containment/analysis
  · Eradication
  · Restoration/Recovery
  · Lessons learned (root cause analysis and action plan)
Additional Resources
· Intrusion prevention begins with an IPS that can automatically detect and stop intrusions. However, no control can stop all intrusions. Consequently, we need strong detection controls, including
· The purpose of separation of duties is to ensure no one person can perform all tasks associated with a critical business process. This helps prevent fraud and mistakes. A common way to do this is the creation of roles (RBAC) and the assignment of tasks in an access matrix (spreadsheet). This allows data owners to understand who can do what and how to remove one or more tasks to ensure no role can perform all business process tasks. A separation of duties tool is attached below. The tabs along the bottom take you to the various business processes included. Adapt this to any set of business processes.
· Employee training is typically focused on the contents of the acceptable use policy.
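
The access-matrix check described in the separation of duties note above, as an added example (not part of the assignment or the attached tool). All process, role, task and user names are constructed; the per-user check goes beyond the role-level case in the text, since one person holding several roles can defeat the same control.

```python
# Constructed sample matrix: process -> role -> tasks the role may perform.
# Names are illustrative assumptions, not taken from the attached spreadsheet.
MATRIX = {
    "vendor_payment": {
        "ap_clerk": {"create_vendor", "enter_invoice"},
        "ap_manager": {"approve_invoice"},
        "treasury": {"release_payment"},
        "finance_admin": {"create_vendor", "enter_invoice",
                          "approve_invoice", "release_payment"},
    },
    "payroll": {
        "hr_specialist": {"add_employee", "change_salary"},
        "payroll_clerk": {"run_payroll"},
        "payroll_manager": {"approve_payroll"},
    },
}
# Constructed user-to-role assignments.
USER_ROLES = {
    "alice": {"ap_clerk"},
    "bob": {"ap_manager", "treasury"},
    "carol": {"hr_specialist", "payroll_clerk", "payroll_manager"},
    "dave": {"finance_admin"},
}

def process_tasks(roles):
    """Every task that belongs to the process (union over all roles)."""
    return set().union(*roles.values())

def role_violations(matrix):
    """Roles that can perform every task of a process on their own."""
    return sorted(
        (process, role)
        for process, roles in matrix.items()
        for role, tasks in roles.items()
        if process_tasks(roles) and process_tasks(roles) <= tasks
    )

def user_violations(matrix, user_roles):
    """Users whose combined roles cover every task of a process."""
    found = []
    for process, roles in matrix.items():
        required = process_tasks(roles)
        for user, held in user_roles.items():
            combined = set().union(*(roles.get(r, set()) for r in held))
            if required and required <= combined:
                found.append((process, user))
    return sorted(found)

if __name__ == "__main__":
    print("roles:", role_violations(MATRIX))
    print("users:", user_violations(MATRIX, USER_ROLES))
```

A data owner would clear each finding by removing at least one task from the flagged role, or one role from the flagged user, and re-running the check.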