Course Hero Logo

CMGT 582 Week 3 Learning Team.docx - SECURITY AUDIT PART II...

  • University of Phoenix
  • CMGT 582
  • Essay
  • KidIronAnteater23
  • 10
  • 93% (15) 14 out of 15 people found this document helpful

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 4 out of 10 pages.

SECURITY AUDIT PART II1Security Audit, Part IICMGT/582 Security & Ethics
SECURITY AUDIT PART II2Security Audit, Part IIIntroduction:Amazon is required to conform with current privacy laws and regulation and other statemandated to ensure the organization is meeting regulatory compliances. Outlined below we willbe discussing some of those laws and regulation that are required, and we will be evaluating andsummarizing them with a value of non-complaint or needs improvement metric which would begenerated from the security assessment along with recommendations on how to improve uponthem to maintain Amazons current and future business status governing compliances and legalregulations.Regulations and Privacy LawsChildren’s Online Privacy Protection Act of 1998 (COPPA)Amazon recognized the rights of parent to protect their children’s personal identifiableinformation (PII), such as First and last name, home or other physical address including streetname and name of a city or town, online contact information, screen or user name that functionsas online contact information, telephone number, social security number, persistent identifier thatcan be used to recognize a user over time and across different websites or online services,photograph, video, or audio file, where such file contains a child’s image or voice, geolocationinformation sufficient to identify street name and name of a city or town or Informationconcerning the child or the parents of that child that the operator collects online from the childand combines with an identifier described above ("Ftc.gov", 2017). To Adhere to regulation andremain compliance, Amazon assessed the regulation and the company’s compliance whichrevealed a rating of “Needs Improvement”. The rating was due in part to the complexity requiredto comply.Amazon will continue to not conduct business or collect information from childrenthat are under the age, the company will also investigate and implement reasonable procedures,
SECURITY AUDIT PART II3policies, and processes to protect the security of personal information. Amazon will post, andupdate its privacy policy that complies with COPAA ("Ftc.gov", 2017).Federal Information Security Management Act (FISMA)Amazon’s business with the federal government has been lucrative for both parties, assuch it is import for Amazon to adhere to the Federal Information Security Management Act(FISMA). FISMA is a comprehensive framework to protect government information, operationsand assets against natural or man-made threats (Rouse, 2013). To Adhere to the regulation andremain compliance, Amazon conducted an assessment of the regulation and the company’scompliance stance. The assessment revealed a rating of “Needs Improvement”. The main reasonfor this rating is the volatile nature of information security, which requires continuous processes,policies, and procedures to stay ahead of the game.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 10 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Winter
Professor
N/A
Tags

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture