CSIA 485 Week 1 Responses
CSIA 485 Week 1 Responses
CSIA 485-Adam Derham
The control group “Process” is indeed a useful in the security of an environment that is highly sensitive because of the content of its information system. The process control is a group of interconnected automated systems that apply both technological and human processes to ensure the physical safety of information systems from unauthorized access (Gants & Philpott, 2013). Computer control systems implemented in control applications have various traits that elevate their effectiveness when it comes to data protection. For one, sensors in the system that are connected to bell actuators enable real-time response to date infringement by unauthorized persons. This is one of the key components of the control group process. The control process involves the control loop, human-machine interface, maintenance utilities and remote diagnostics (Gants & Philpott, 2013). The control loop is made up of sensors that carry out measurements and communication to actuators as seen in the motion sensor connection to the alarm bell.
Measurement variables derived by sensors are communicated to the human controller who interprets the signals and develops corresponding control measurements by either opening or locking the secondary doors. Process actuators highlight change of state in the process creating new sensor signals for the reverse phase that is a person leaving the key environment. The human machine interface allows the controller to study process changes, control information, and corresponding functions in actuators (Gants & Philpott, 2013). In the control process, this is represented by the use of badges by personnel to gain access to information. Fake or damaged badges highlighting unauthorized access are noted by the interface necessitating lock down of the mantrap, which is the actuator, by push of a button by the controller. In this, the control group processes ascertain timely response to incidences of unauthorized information access.
CSIA-485 Mark Mackey
Mark Mackey gives an accurate depiction of the role of Operational Control Frameworks in the mitigation of risks arising from unauthorized access to information systems. Control frameworks provide organizations with platforms for internal evaluations that in turn highlight key businesses processes with associated risks (Dickins & O’Hara, 2008). Identification of critical processes and their risks allows design and implementation of control procedures that mitigate potential effects of the hazards. Various control frameworks have been developed over the years to assist business with this function. Examples include the COSO Internal Control Framework typically used in the assessment of companies about to be traded publicly. The Enterprise Risk Management (ERM) framework identifies risks arising from poor financial documentation thus providing reasonable assurance on the financial reporting conformance to established standards.
Operational Control frameworks in Information Systems provide a six-step protection process that improves both human and machine functions. These steps are categorization, selection, implementation, assessment, authorization, and monitoring (Horner, 2008). Impact analysis is done on the system in order to prioritize risk, select and implement baseline controls. A second impact analysis is performed to test the effectiveness of the applied baseline controls (Horner, 2008). Given testing, authorization for individuals or organizations are given provided the test results concluded risks levels are acceptable. Close monitoring is then performed throughout the period the information system is being accessed. If testing highlights risks levels as unacceptable, human, and machine processes are improved through various HR and engineering practices such as training and re-engineering respectively. Operational Control Frameworks offer structure to an organization in their risk assessment practices and information protection greatly reducing the adverse effects that arise from unauthorized access to company data.
Dickins, Denise & O’Hara, Margaret. (2008). Frameworks for Establishing and Evaluating Internal Controls: A Primer and Case Study. Journal of Case Research in Business and Economics. 2. 4. 1-16.
Gantz, S. D., & Philpott, D. R. (2013). FISMA and the risk management framework: The new practice of federal cyber security. Boston: Syngress.
Horner, R. P. (2008). Group process model: An alternative to the super user model in multi-user systems. University of Nebraska. Springer.
We have the capacity, through our dedicated team of writers, to complete an order similar to this. In addition, our customer support team is always on standby, which ensures we are in touch with you before, during and after the completion of the paper. Go ahead, place your order now, and experience our exquisite service.
Use the order calculator below to get an accurate quote for your order. Contact our live support team for any further inquiry. Thank you for making BrilliantTermpapers the custom essay services provider of your choice.