issc471 discussion reply

/in /by

Need two 150 word minimum response to the follow students discussions. Please see below for the questions for the week in the bold, and also the student discussion will be at the bottom.

1. What advice does the FBI provide in protecting against computer fraud? Do you feel that the Government is doing sufficient job in this area?

2. Define COBIT and it’s control objective. Do you feel the frameowrk is detailed enough to serve your orgnization? Why or why not?

3. What are the components of a good policy framework? Provide an example of each of these components.

4. What is the Deming cycle approach? How does this approach help improve quality?

5. Why is it important for IT Auditors to know about the legal environment of information systems?



Student one:

What advice does the FBI provide in protecting against computer fraud? Do you feel that the Government is doing sufficient job in this area?

To protect against computer fraud, the FBI discusses that users should start off by protecting their computer. Keeping your firewall turned on makes it harder for a hacker to gain access to it and prevents against your sensitive information being stolen. They also suggest to install and/or update your antivirus software. Anti-virus software helps to protect against malicious software getting into your computer system. By installing an anti-virus software allows for your computer to remove or disarm any viruses. The FBI also suggests being careful with what your download. They suggest individuals should not download unknown links from their emails, or that are sent to them from unknown users. By clicking on suspicious links, allows for hackers to get access to your computer.

2. Define COBIT and it’s control objective. Do you feel the framework is detailed enough to serve your organization? Why or why not?

COBIT which is also known as control objectives for information and related technology is an internationally recognized practice. COBIT offers production supports, strategic planning, implementation and framework. It helps to develop clear policies and good practices for companies. I think the framework is detailed enough to serve my organization because it continues to update its policies. It basically has a trial and error process. If a policy works, it is kept and used. However, if the policy does not work, it is either updated or altered to make it work, or not used entirely.

3. What are the components of a good policy framework? Provide an example of each of these components.

The components of a good policy framework include policies, standards, and guidelines that should be followed. An example of these components is how my place of employment has a policy that mandates that its users should update their passwords every 90 days to protect against hackers cracking their password.

4. What is the Deming cycle approach? How does this approach help improve quality?

The Deming cycle approach is used to ensure quality improvement consisting out of a logical sequence of four repetitive steps which are to: plan, do, check, and act. This approach helps to improve quality because it creates an outline in which companies and its users follow to create a guideline that should be followed. It creates the basis of what needs to be done and how it is going to be executed.

5. Why is it important for IT Auditors to know about the legal environment of information systems?

IT Auditors should know about the legal environment of information systems because they need to know about the laws and regulations that apply to their company. They should know what are in compliance and what are the regulation while doing audits. HIPPA audits if they find patient information, or if employee personal information that got leaked or got compromised by a hacker.

-Vijay

Student two:

The FBI website has a nice compiled list that can help you to combat against computer fraud and it is very simple to access. It’s a good resource for those who are unsure of what to look for when it comes to computer fraud but also a great resource for those who are already familiar but use it as a refresher because of complacency in the workplace. There are also warning on the website about using personal information such as social security numbers and to also use retail stores with reputable sales feedback.

COBIT is a framework that is used as a to control objectives and all other technologies that are related. The framework is detailed but I am not sure if the DoD uses that framework or something else, I would have to look further into it.

Control, priority and baseline allocation, control enhancements, supplemental guidance, and references are the key components for a good framework policy. Control- predefined policies to follow and allow for small adjustment. Priority and Baseline Allocation- a way of sorting decisions and situations by priority. References- all of the policies, procedures, and laws to inform control. Supplemental Guidance- guidance in addition to help aid with issues. Control Enhancements- protocols that allow additional functions.

The Deming cycle approach is like a ladder but instead of moving up so to speak, it helps you take steps further to accomplish more and keep a path to follow to allow for more and more to be efficiently completed.

Welcome to FBI.gov. (2016, April 24). Retrieved March 16, 2019, from https://www.fbi.gov/

-Andrew