AminataFunchess BUS 519 assign1.docx

And be willing to support the efforts by providing

Info icon This preview shows pages 5–8. Sign up to view the full content.

View Full Document Right Arrow Icon
and be willing to support the efforts by providing additional software and staff needed to have successful risk management. Three project risk recommendations for Flayton’s would be to hire additional information security staff, retrain current staff, and implement a risk management program for the organization. It is necessary to add staff to assist the CIO and Vice President with their information security program. CIO Sergei explained in the case that he was only able to meet the PCI requirements up to 75% because compliance with that program was solely up to him. He also provided he had at least 3 other high priority projects that required his attention during that time and he was the only person handling everything. Laurie the VP was an experienced
Image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
ASSESS ORGANIZATIONAL READINESS 6 professional, but her expertise was loss prevention within the store, not information security. It is obvious that there is a lack of ability for either CIO or VP to properly handle any security breaches appropriately, let alone be proactive. Laurie could benefit from additional training in information security. Sergei needs additional staff to adequately run scans and have their PCI program reach a higher percentage to avoid future security breaches. With the addition of staff and training for their current staff, Flayton’s will be positioned to become proactive versus reactive and avoid potential data breaches in the future. Once the new staff is in place and the current staff has received additional training, the company should set up an adequate risk management program. Flayton’s was originally informed of the data breach from a third party. If it had not been for Union Century Bank, there is no telling how long it would have taken for CIO Sergei or VP Laurie to realize there was a breach. Brett Flayton needs to take the lead in implementing a risk management program that all employees abide by and are held accountable to. “The presence of an active risk-management program says something about your company's brand. Workers have knowledge of expectations and leadership from the start of their employment, while your business develops a reputation as thorough and professional. You build and support strategic planning through development of your program, and you establish a standard to which you can evaluate performance and adapt to changing needs. When you anticipate risk, your preparation begins, and the shock of the unexpected is dissipated” ("What Benefits Are Gained by Implementing a Risk-Management Program?" 2013). The initial categories of risk that are present would be that the information security systems were not adequate to support their associated risks, information security has not been given the appropriate priority within the program, and key resources were unavailable. The main system that was in place was the scans performed by outside auditors to make sure the systems
Image of page 6
ASSESS ORGANIZATIONAL READINESS 7 were working properly. Even with this compliance standard, Flayton’s was only 75% compliant.
Image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern