Risk Management at Cincom Systems Term Paper by scribbler

Risk Management at Cincom Systems
A review of the ISO 27000 series standards Cincom Systems can adopt.
# 152702 | 1,687 words | 4 sources | APA | 2013 | US


$19.95 Buy and instantly download this paper now

Description:

The paper describes how Cincom Systems has provided control measures and countermeasures to ensure the security of their systems and then discusses how their risk management standards and policies should be aligned with globally accepted standards and industry best practices. The paper looks at the three standards of the ISO 27000 series Cincom Systems can adopt, namely ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27005, and explains how by starting off with the 27001 and 27002 standards, Cincom Systems can develop an information security management system that will improve the overall information security posture of their information systems and information technology infrastructures, assets and resources. The paper then details the ISO 27005 risk management approach and recommends that the risk management process should be performed on a continuous and regular basis to meet the challenges posed by emerging threats and vulnerabilities.

From the Paper:

"Although there are risks involved in the new business model of Cincom Systems, there have already been mitigating measures thereto to ensure the confidentiality, integrity and availability of the information contained in the databases of the company. Foremost of this is the service level agreement the company has with Saleforce.com, and more than likely, the agreement contains provisions on how the third-party service provider will protect the information of the client. Outsourcing the business or part thereof is actually one of the risk management initiatives or mitigation measures whereby the risk is transferred to another party. Previously, risk transference is done only via taking insurance policies or keeping important documents or materials in bank safety deposit boxes. With the emergence of information and communications technology along with various electronic commerce transactions, part of the risk transference strategy became the purview of third-party business process outsourcing companies and service providers.
"Aside from using Salesforce.com as a viable platform for their business, Cincom Systems has provided control measures and countermeasures to ensure the security of their systems. The Virtual Private Network (VPN) set up with the 128-bit encryption is one of the strongest security measures for data being transmitted online. Monitoring through VPN analysis applications guarantees data consistency and that no bugs are introduced or security violations being made. (Case Study: Protecting the CRM System at Cincom Systems, 2010)"

Sample of Sources Used:

  • Case Study: Protecting the CRM System at Cincom Systems. (2010).
  • ISO/IEC. (2005). ISO/IEC 27001: Information technology -- Security techniques -- information security management systems -- Requirements. Geneva, Switzerland: ISO Copyright Office.
  • ISO/IEC. (2005). ISO/IEC 27002: Information technology -- Security techniques -- Code of practice for information security management. Geneva, Switzerland: ISO Copyright Office.
  • ISO/IEC. (2008). ISO/IEC 27005: Information technology -- Security techniques -- Information security risk management. Geneva, Switzerland: ISO Copyright Office.

Cite this Term Paper:

APA Format

Risk Management at Cincom Systems (2013, April 19) Retrieved July 15, 2020, from https://www.academon.com/term-paper/risk-management-at-cincom-systems-152702/

MLA Format

"Risk Management at Cincom Systems" 19 April 2013. Web. 15 July. 2020. <https://www.academon.com/term-paper/risk-management-at-cincom-systems-152702/>

Comments