The SBRU information system includes four subsystems: Resort relations, Student booking,Accounting and finance, and Social networking. The first three are purely Web applications, soaccess to those occurs through an Internet connection to a Web server at the SBRU home office.However, the Social networking subsystem has built-in chat capabilities. It relies on Internetaccess, as students compare notes before they book their travel reservations and as they chatwhile traveling. To function properly, the system obviously requires a wireless network at eachresort. SBRU isnt responsible for installing or maintaining the resort wireless network; they onlyplan to provide some design specifications and guidelines to each resort. The resort will beresponsible for connecting to the Internet and for providing a secure wireless environment forthe students.

#1 Design Integrity Controls: Input

Using the information provided in the running case study descriptions and your documents from the previous assignments determine which input controls are relevant to the data your system will collect. Provide justification for each input control and give at least two examples of how each input control is relevant to the system. Given that the information provided in the case study can be limited, you may need to make some assumptions, in which case be sure to document and discuss them.

#2 Design Integrity Controls: Output

Using the information provided in the running case study descriptions and your documents from the previous assignments determine which output controls are relevant to the data your system will collect. Provide justification for each output control and give at least two examples of how each output control is relevant to the system. Given that the information provided in the case study can be limited, you may need to make some assumptions, in which case be sure to document and discuss them.

#3 Designing Integrity Controls: Redundancy, Backup, and Recovery

Using the information provided in the running case study descriptions and your documents from the previous assignments explain the role that redundancy, backup, and recovery will play in the system and discuss their importance for the system in your case study. Given that the information provided in the case study can be limited, you may need to make some assumptions, in which case be sure to document and discuss them.

#4 Designing Integrity Controls: Fraud Prevention

Using the information provided in the running case study descriptions and your documents from the previous assignments and Figure 6-11 conduct a preliminary risk mitigation assessment on the system for your case study. Discuss which factors affecting fraud risk are most applicable for the system and briefly describe how those risks can be minimized.

#5 Designing Security Controls: Access Controls

Using the information provided in the running case study descriptions and your documents from the previous assignments determine which access controls are most relevant to the system. Provide justification for each access control and give an examples of how each access control is relevant to the system. Be sure to also include a discussion of the different types of users that need to be considered when determining the access controls for the system. Given that the information provided in the case study can be limited, you may need to make some assumptions, in which case be sure to document and discuss them.

#6 Designing Security Controls: Data Encryption

Using the information provided in the running case study descriptions and your documents from the previous assignments determine which data will need to be encrypted either during storage, transmission, or both. Provide justification for why the data needs to be protected. Given that the information provided in the case study can be limited, you may need to make some assumptions, in which case be sure to document and discuss them.

#7 Designing Security Controls: Secure Transactions

Using the information provided in the running case study descriptions and your documents from the previous assignments determine which standards and protocols may be needed to secure transactions in the system. Provide justification for why those standards and protocols are the most appropriate way to secure the transactions. Given that the information provided in the case study can be limited, you may need to make some assumptions, in which case be sure to document and discuss them.

Deliverables

• Submit a professionally formatted report that includes:
  • Executive Summary (A brief description (3-5 sentences) that demonstrates your understanding of the systems design activities and designing system controls)
  • Input Controls
  • Output Controls
  • Redundancy, Backup, and Recovery
  • Fraud Prevention
  • Access Controls
  • Data Encryption
  • Secure Transactions