Grocery Store Case Study


1. Discuss how you would classify the information of a national grocery store chain. Give your store a creative name.

The classification of a national grocery store chain would be considered commercial. The classification used is based on the overall sensitivity of the data. If I have a grocery store chain called Collin’s Market, the overall store would have three levels of classification: public, private, and confidential. The overall store layout, design, visual merchandising techniques, number of employees, policies/procedures, hierarchy, etc. would be considered public information. Public data is the least sensitive data used by the company and would cause the least harm if disclosed. Collin’s Market PII database which may include: …

Discuss how you would assess the risk of the student records system of a large university. Give your university a creative name.

Student and staff records in educational institutions are valuable. Colleges and universities have a reputation for weaker data security, making them susceptible to data loss. Data loss could cause reputational damage and possible financial penalties for large universities. To reduce risk, Lewis Collins University (LCU) has a wide range of guidance, policies/procedures, and advice in place, which is available via the University website. This is used to answer specific questions. Within those policies and procedures, there is specific guidance for the records management department. Attempting to move away from paper records through the use of shared email accounts, shared drives, and portal pages to store student records can increase the risk of data loss and breaches. Policies and procedures that outline proper cyber training for students and staff on spyware, spam, and phishing, which are used to gain access to sensitive personal information and commit financial crimes, will mitigate data loss via email. LCU can defend data against malware through secured servers, whether physical or in the cloud, and shield against vulnerabilities. LCU will ensure all data is safe and secure by using role-based access control to ensure confidentiality and …

Take one topic from the course and discuss how you would sell the concept to the President of the International Olympic Committee. Do not use the topics from the previous questions.

I would try to incorporate Heimdal's corporate security checklist into the policies and procedures of the International Olympic Committee. I would advise that this checklist should be the foundation for annual or quarterly retention audits. This checklist would also lay out mandatory training for the committee that would include continuity of operations (COOP), emergency IT drills, and IT physical security. The audits would consist of an asset inventory of operating systems, software, and equipment to ensure the inventory is within standards. This checklist would ensure that cloud and physical data server documents, to include policies and procedures, IAVA/patch management, and financial budgets for current and future operations, are up to standards and can be supported on the network. I would also encourage that the checklist be a part of the employee's initial orientation to ensure all employees understand the current policies and procedures, organizational chart as well as how they relate to overarching standards, and cybersecurity training