Background: A leading bank has asked you to help in terms of providing initial, high-level assessment...
Question:
Background: A leading bank has asked you to help in terms of providing initial, high-level assessment of risks to their operations. The bank is investing in new information systems to provide better user experience and protection for their clients and partners. The bank keeps PII of its clients in addition to its business partners. Due to some new regulatory requirements, the bank needs to update its internal operations to avoid hefty fines and exclusion from governmental programs. Furthermore, the bank needs to adopt an international standard for payment systems in its quest for compliance and obtaining larger market share. Accordingly, the bank wants to explore the possibility of adopting a hybrid cloud model with some of the PII hosted on premises and some with a cloud service provider.

Instructions: Come up with a list of 5 information assets that the bank should protect based on the above scenario. Try your best to suggest information assets that represent all/most of the asset categories shown in class. You may rank the assets in order of importance based on criteria that are relevant to the above scenario. After that, propose at least 5 threats to the information assets you came up with in the first step. Due to the many categories of threats that exist, you may only stick to technology-related risks in this lab. Then, for each Asset-Threat pair, list the top 5 potential vulnerabilities. Finally, build a 5X5X5 TVA model matrix based on the above information and present your findings in class. You may make any assumptions that help in terms of matrix building and document these assumptions.
Expert Answer:
This background and instructions are related to performing a risk assessment for a bank's information system. Let's break it down step by step. Step 1: Lis...
Related Book For
Auditing and Assurance Services: An Integrated Approach
ISBN: 978-0132575959
14th Edition
Authors: Alvin A. Arens, Randal J. Elder, Mark S. Beasley