Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall

Presentation transcript:

Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security

Learning Objectives
Q1. What are the activities of business process management?
Q2. What are the activities in the systems development life cycle (SDLC) development process?
Q3. Which comes first: process or systems development?
Q4. What is information systems security?

Learning Objectives
Q5. What are the components of an organization’s security program?
Q6. What technical security safeguards are available?
Q7. What human security safeguards are available?

What Are the Activities of Business Process Management?
BPM Process
Figure 12-1 Four Activities in the BPM Process

What Are the Activities of Business Process Management?
BPM Monitoring Activity
Monitoring for Performance on its Objectives
COBIT (Control Objectives for Information related Technology)
Monitoring for Changes in the Process Environment

What Are the Activities of Business Process Management?
BPM Modeling Activity
Three types of process change
Increase or decrease resources
Change the structure of the process
Change the process’s resource AND structure

What Are the Activities of Business Process Management?
BPM Create Components Activity
Create new IS components based on new process
BPM Implement Process Activity
Make process change operational

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
SDLC
Define the system
Determine requirements
Design system components
Create, test, and implement
Maintain the system (assess process results)

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
SDLC
Figure 12-5 BPM Provides Requirements for Systems Development

8/22/2011

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
Define the system
Figure 12-6 SDLC: System Definition Activity

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
Determine requirements
Figure 12-8 SDLC: Requirements Analysis Activity

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
Design components
Figure 12-9 SDLC: Component Design Activity

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
Implement the system
Figure 12-10 SDLC: Implementation Activity

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
System conversion
Pilot installation
Phased installation
Parallel installation
Plunge installation

What Are the Activities of the Systems Development Life Cycle (SDLC) Development Process?
Maintain the system
Figure 12-12 SDLC: System Maintenance Activity

Which Comes First: Process or Systems Development?
Business Process First
Figure 12-13 Process-First Development

Which Comes First: Process or Systems Development?
Information System First
Figure 12-14 Classic Five-Step Systems Development Life Cycle

Which Comes First: Process or Systems Development?
Another Factor: Off-the-Shelf Software
And the Answer Is…
Business processes first
Both + Project Mgmt Iterating

What Is Information Systems Security?
Process of protecting information systems vulnerabilities from threats by creating appropriate safeguards
What Are the Sources of Vulnerabilities?
What Are the Types of Security Threats?

What Is Information Systems Security?
What Are the Sources of Vulnerabilities?
Human error and mistakes
Malicious human activity
Natural events and disasters

What Is Information Systems Security?
What Are the Types of Security Threats?
Figure 12-15 Security Threats and Source

What Are the Components of an Organization’s Security Program?
Senior-management involvement
Safeguards
Figure 12-19 Security Safeguards as They Relate to the Five IS Components
Planned response to security incidents

What Technical Safeguards Are Available?
Figure 12-21 Technical Safeguards
Data Safeguards

What Technical Safeguards Are Available?
Identification and Authorization
Passwords
Smart Cards
Personal Identification Numbers (PINs)
Biometric Authentication

What Technical Safeguards Are Available?
Encryption
Keys
Figure 12-22 Basic Encryption Techniques

What Technical Safeguards Are Available?
Firewalls
Malware Protection
Viruses, Trojan Horses, and Worms
Spyware and Adware
Malware Safeguards
Bots, Botnets, and Bot Herders

What Technical Safeguards Are Available?
Design Secure Applications
Code injection
SQL injection attacks
Cross-site scripting (XSS)

What Technical Safeguards Are Available?
Data Safeguards
Figure 12-25 Data Safeguards

What Human Security Safeguards Are Available?
Human Safeguards
Human Resources
Account administration
Systems procedures
Security monitoring

What Human Security Safeguards Are Available?
Human Resources
Position Definitions
Hiring and Screening Processes
Dissemination and Enforcement
Termination Processes

What Human Security Safeguards Are Available?
Account Administration
Account Management; Password Management; and Help-Desk Policies
Systems Procedures
Figure 12-28 Systems Procedures

What Human Security Safeguards Are Available?
Security Monitoring
Activity logs
Organization Response to Security Incidents
Disaster Recovery Backup Sites
Incident-Response Plan

Ethics Guide
Security Privacy

Conclusion
Q1. What are the activities of business process management?
Q2. What are the activities in the systems development life cycle (SDLC) development process?
Q3. Which comes first: process or systems development?
Q4. What is information systems security?

Conclusion
Q5. What are the components of an organization’s security program?
Q6. What technical security safeguards are available?
Q7. What human security safeguards are available?