Question

IT scenario Please read the following scenario and respond to the questions at the end: Golf...

IT scenario

Please read the following scenario and respond to the questions at the end:

Golf Shoes is a retailer who sells shoes in over 170 stored in the Midwest. Golf Shoes accepts cash and credit cards for payment. They also have a customer loyalty program. To enroll in the customer loyalty program the customer must provide their name, home address, phone number, and date of birth.

Golf Shoes data center is located at their headquarters. Data backups occur based on a defined schedule that includes full backups at weekend and incremental backups during the week. For each backup cycle, two backups are taken where one backup is sent to DASD located in the Gulf Shoes data center while a second backup occurs to tape.

Golf Shoes has contracted with a 3rd party to secure tape backups offsite. A courier daily arrives at 9 AM in an armored truck to pick-up and deliver backup tapes from the offsite facility. As the courier arrives at Golf Shoes they will scan each tape that is dropped and picked-up for inventory purposes. The courier will then sign for the tapes and transit the tapes to the offsite facility. At the offsite facility, the courier will then rescan each tape to ensure it is delivered and then staff at the off-site facility will secure Golf Shoes tapes in a separate area locked room that only houses Golf Shoes tapes. Annually, Golf Shows auditors will perform physical inventory of tapes at the offsite location.

A Tape Management System (TMS) is used to initiate and perform all backups. A schedule in TMS is used to create the timing and type of backup. TMS maintains a log of all backups that occur either successfully or failures. TMS console is monitored such that alerts are sent to the problem tracking system which is reviewed, and action is taken to remediate any issues. TMS maintains an inventory of all backups that occur. TMS tracks tape usage and age. All tapes sent or retrieved from the offsite facility are logged into TMS using a scanning device. Golf Shoes does periodically randomly test restores of backup tapes.

Access to TMS is restricted to only authorize personnel. Authorization to TMS must be approved by the Vice President of Infrastructure. Access to TMS is reviewed quarterly and access requires an ID and password to access TMS. TMS will also manage the encryption of any credit card and loyalty program customer data prior to it being loaded to tape.

Please respond to the following questions:

  1. Please list the business risks (versus IT risks) associated with Golf Shoes backup procedures. Please list 2 risks only. (2 points)
  2. Please list 3 controls for each risk noted. The control cannot be written generically but must use portions of the narrative and written per the business scenario. For example, a generic control is “Users are authorized to systems.” versus the business scenario noted above “Users are approved for access to TMS by the Vice President of Infrastructure.”
  3. Please list 3 audit tests for each control presented in 2.

Provide 1 recommendation to improve the process.

Homework Answers

Answer #1
Business Risk IT Risk
If any type of customer data loss or leak is out in the market or media then this will be harsh of their reputation. If any tape is destroyed or damaged during transportation than they can lost customer informations.
"The time is money" this pharse suits here. they lacking large time in transportation and all. They also use more man power which is costly. They are using very old technology. The data can be transferd through internet with safty. Physical medium may take more time due to any reseons like traffic, vehicle problem, etc.

Controls for Risks:

  1. Company should use latest technology and resources by this they save their time as well as money.
  2. Audits should be analysed by superior persons of the company.
  3. Tapes should check when company receive and use it after in their system, because they can be damaged of some virus may destroy data.

Audit Test:

  1. Company may analyse the time and money use in both cases that is physical tape transportation and digitally transfer data through internet.
  2. Audit person may cheat company, that's why companey should analyse the audit as well.
  3. If tape which company receive at their data center has some issues and if person use it in company's data center then it nay damage or destroy data of customers.

Recommandation:

Company should use new technologies like cloud storage. This will save time as well as money of the company.

Thank you for asking!

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Please answer the following 10 multiply questions correctly on security operations. 1. Which of the following...
Please answer the following 10 multiply questions correctly on security operations. 1. Which of the following is a correct statement regarding digital forensics? It is the study of computer technology. It is a set of hardware-specific processes that must be followed in order for evidence to be admissible in a court of law. It encompasses network and code analysis, and may be referred to as electronic data discovery. Digital forensic responsibilities should be assigned to a network administrator before an...
Please read the article and answear about questions. Determining the Value of the Business After you...
Please read the article and answear about questions. Determining the Value of the Business After you have completed a thorough and exacting investigation, you need to analyze all the infor- mation you have gathered. This is the time to consult with your business, financial, and legal advis- ers to arrive at an estimate of the value of the business. Outside advisers are impartial and are more likely to see the bad things about the business than are you. You should...
Please answer the following Case analysis questions 1-How is New Balance performing compared to its primary...
Please answer the following Case analysis questions 1-How is New Balance performing compared to its primary rivals? How will the acquisition of Reebok by Adidas impact the structure of the athletic shoe industry? Is this likely to be favorable or unfavorable for New Balance? 2- What issues does New Balance management need to address? 3-What recommendations would you make to New Balance Management? What does New Balance need to do to continue to be successful? Should management continue to invest...
After reading the following article, how would you summarize it? What conclusions can be made about...
After reading the following article, how would you summarize it? What conclusions can be made about Amazon? Case 12: Amazon.com Inc.: Retailing Giant to High-Tech Player? (Internet Companies) Overview Founded by Jeff Bezos, online giant Amazon.com, Inc. (Amazon), was incorporated in the state of Washington in July 1994, and sold its first book in July 1995. In May 1997, Amazon (AMZN) completed its initial public offering and its common stock was listed on the NASDAQ Global Select Market. Amazon quickly...
What tools could AA leaders have used to increase their awareness of internal and external issues?...
What tools could AA leaders have used to increase their awareness of internal and external issues? ???ALASKA AIRLINES: NAVIGATING CHANGE In the autumn of 2007, Alaska Airlines executives adjourned at the end of a long and stressful day in the midst of a multi-day strategic planning session. Most headed outside to relax, unwind and enjoy a bonfire on the shore of Semiahmoo Spit, outside the meeting venue in Blaine, a seaport town in northwest Washington state. Meanwhile, several members of...
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation. case:    W17400 APIGEE: PEOPLE MANAGEMENT PRACTICES AND THE CHALLENGE OF GROWTH Ranjeet Nambudiri, S. Ramnarayan, and Catherine Xavier wrote this case solely to provide material for class discussion. The authors do not intend to illustrate either effective or ineffective handling of a managerial situation. The authors may have disguised certain names and other identifying information to protect confidentiality. This publication may not be...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT