Presentation is loading. Please wait.

Presentation is loading. Please wait.

AUDITORÍA THE APPCO. VOLUME 8: CRITICAL ASSET FOR PEOPLE.

Published byCandace Norris Modified over 9 years ago

Similar presentations

Presentation on theme: "AUDITORÍA THE APPCO. VOLUME 8: CRITICAL ASSET FOR PEOPLE."— Presentation transcript:

1 AUDITORÍA THE APPCO

2 VOLUME 8: CRITICAL ASSET FOR PEOPLE

3

4

5

6

7 PEOPLE CEO Assintant. Proyect Manager. Requirements Manager. Requirement Engineer. Design Manager. Graphic Designer. Software Architect Scrum Master. Developers.

8 CRITICAL PEOPLE. CEO Proyect Manager. Quality Manager. Administration Manager. Marketing Manager. Administration, SCRUM, usability, CMMI, Moprosoft, Technic and client attention KNOWLEDGES.

9 ABSENCE OF PEOPLE. KEY PEOPLE TAKING A TEMPORARY ABSENCE. KEY PEOPLE LEAVING THE ORGANIZATION PERMANENTLY. THREATS AFFECTING A THIRD-PARTY OR SERVICE PROVIDER.

10 GOOD THINGS The APPCO. has team work well established. The APPCO has a plan for what to do if an employee don't go to work.

11 BAD THINGS. Don't have well established functions of all the employees. Don’t mention employees of Administration, marketing, call center and Quality areas. Don’t mention how many employees does the company have. Don’t have enough workers if any problem of absence occur. Most of the employees are area managers, so if one of these people don’t go to work, that area is almost unuselss.

12 RECOMMENDATIONS. Keep the absence and team plans. Determine an specific number of employees. Establish the tasks of ALL the employees of ALL areas. Contemplate employees for client attention.

13 VOLUME 5: CRITICAL ASSET FOR INFORMATION

14 CRITICAL INFORMATION. Client information. Finance information. Proyect information. Requirements engineer. SCRUM team Usability Accountants*

15 NETWORK ACCESS INFORMATION GOOD POINTS. The company has a privacy policy. BAD POINTS. There are no rules of restriction of information. There is not well established who uses the internal information. There is no protection for the information against external people.

16 RECOMENDATIONS Estipulate who uses and protect the information. Implement user privileges to access the information.

17 HUMAN ACTORS USING PHYSICAL ACCESS. BAD POINTS The company doesn’t have physical restrictions (site, equipment, computers…). The company doesn’t have security against external people. The company doesn’t have an insurance in case of robbery.

18 RECOMMENDATIONS. The company should restrict some areas for external and internal people. The company should improve its security using security systems or people.

19 SYSTEM PROBLEMS GOOD THINGS. The company has plans for lost of information and for infrastructure problems. BAD THINGS. There is not established who is going to attend a problem.

20 RECOMMENDATIONS There are no sufficient security standards if a system fails. There are no sufficient people who take care about the problems.

21 OTHER PROBLEMS GOOD POINTS. The company has a plan in case of infrastructure problems. The company has established default configurations.

22 OTHER PROBLEMS BAD POINTS The company doesn’t have an emergency power supply. The company doesn’t have a plan or insurance in case of natural disasters.

23 RECOMMENDATIONS The company should sign up an insurance service. The company should make a natural disaster plan. The company should consider an emergency power supply.

Download ppt "AUDITORÍA THE APPCO. VOLUME 8: CRITICAL ASSET FOR PEOPLE."

Similar presentations

Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 2.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 2.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Information systems Integrity Protection. Facts on fraud  UK computer fraud 400 Million £  17 000 on 136 000 companies  avg case 46 000 £  France.

Information systems Integrity Protection. Facts on fraud  UK computer fraud 400 Million £  on companies  avg case £  France.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Information Assurance Policy: Course Summary. 2 A Multifaceted Activity Policy needs, goals, construction, enforcement, evolution Governance, legislation,

Information Assurance Policy: Course Summary. 2 A Multifaceted Activity Policy needs, goals, construction, enforcement, evolution Governance, legislation,
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Date: 03/05/2007 Vendor Management and Metrics. 2 A.T. Kearney X/mm.yyyy/00000 AT Kearney’s IT/Telecom Vendor Facts IT/Telecom service, software and equipment.

Date: 03/05/2007 Vendor Management and Metrics. 2 A.T. Kearney X/mm.yyyy/00000 AT Kearney’s IT/Telecom Vendor Facts IT/Telecom service, software and equipment.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
E-commerce security by Asif Dalwai 886 39 5409. Introduction E-commerce applications Threats in e-commerce applications Measures to handle threats Incorporate.

E-commerce security by Asif Dalwai Introduction E-commerce applications Threats in e-commerce applications Measures to handle threats Incorporate.
Chapter 10 Managing the Delivery of Information Services.

Chapter 10 Managing the Delivery of Information Services.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Does The Cloud Fit Into Your Organization? Tom Horan Meridian IT Inc. VP, Strategic Markets (847) 912-3244.

Does "The Cloud" Fit Into Your Organization? Tom Horan Meridian IT Inc. VP, Strategic Markets (847)
Network security policy: best practices

Network security policy: best practices
Business Intelligence: Data and Text Management Instructor: Bajuna Salehe Web:

Business Intelligence: Data and Text Management Instructor: Bajuna Salehe Web:
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Auditoria. AGENDA Innovatec Services Chicoche Systems Chicoche Systems Services Critical Asset Worksheet for people Critical Asset Worksheet for Information.

Auditoria. AGENDA Innovatec Services Chicoche Systems Chicoche Systems Services Critical Asset Worksheet for people Critical Asset Worksheet for Information.
Chapter 13 Security Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives State the major responsibility.

Chapter 13 Security Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives State the major responsibility.

Similar presentations

Ads by Google