Answered You can buy a ready-made answer or pick a professional tutor to order an original one.

QUESTION

Imagine you are an Information Security Manager in a medium-sized organization. Your CIO has asked you to prepare a case analysis

Case Study 1: Mitigating Cloud Computing Risks

Imagine you are an Information Security Manager in a medium-sized organization. Your CIO has asked you to prepare a case analysis report and presentation on establishing internal controls in cloud computing. The CIO has seen several resources online which discuss the security risks related to Cloud based computing and storage. One that stood out was located at http://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Pages/Cloud-Computing-Risk-Assessment-A-Case-Study.aspx. You are being asked to summarize the information you can find on the Internet and other sources that are available.  Moving forward, the CIO wants to have a firm grasp of the benefits and risks associated with public, private, and hybrid cloud usage. There is also concern over how these systems, if they were in place, should be monitored to ensure not only proper usage, but also that none of these systems or their data have been compromised.Write a three to four (3-4) page paper in which you:

  1. Provide a summary analysis of the most recent research that is available in this area.
  2. Examine the risks and vulnerabilities associated with public clouds, private clouds, and hybrids. Include primary examples applicable from the case studies you previously reviewed. 
  3. Suggest key controls that organizations could implement to mitigate these risks and vulnerabilities.
  4. Develop a list of IT audit tasks that address a cloud computing environment based on the results from the analysis of the case studies, the risks and vulnerabilities, and the mitigation controls.
  5. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

  • Describe the process of performing effective information technology audits and general controls.
  • Describe the various general controls and audit approaches for software and architecture to include operating systems, telecommunication networks, cloud computing, service-oriented architecture and virtualization.
  • Use technology and information resources to research issues in information technology audit and control.
  • Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions
Show more
  • @
  • 165 orders completed
ANSWER

Tutor has posted answer for $22.00. See answer's preview

$22.00

***** ComputingJuly 202017 Risks and controls  ContentsINTRODUTION 3RISKS *** VULNERABILITIES ****** ** ******* ***** ****** ** PUBLIC ***** ****** IN ****** ***** 5CONTROL ********** *** ***** ***** ************ ******************* ********* ** an approach to ***** the ***** ** include ********* rapidly without putting ********* into *** framework ********* new ******* ** ********** *** programming ***** ********* ************ exercises for ******* *** *********** of long ***** ******** communication locales and different ***** ** ************* ********** in *** case **** ***** **** not ***** ********* ** concerned **** getting to ****** *********** ************ *********** stockpiling *** ************ ***** ********** of *** *** ******* ************ *** cloud ******* are ***** hesitant ** **** ***** business ** *** ***** ******** ****** ** ***** ********* *** ******* * **** **** ** ****** *** *** *************** ****** ******** ********** ***** as *** best test issue of ***** computing *** ***** utilizes * requisition ******* **** *** ******* the ******* ********* ********* ** ****** foundation ** ***** ****** ******* **** ****** *** prudent in ***** term; *** ******* *** **** ********** dangers Half breed clouds *** possibly **** adjusted ******* ** that ** ** *** cloud-based *************** **** ******* ************** ******* **** exceed ******* *** *************** *** ********* *** **** on-interest ** ***** ** ******* (Buyya 2009) Circulation *** ************ ****** of administrations are *** *********** ** ******* and ******* ********* dangers *** ******** ******** *** ********** ** ******* ************* and ********** administration ******* cloud ************* destroy most ******** ****** *** *** ********** ***** computing *************** **** **** viewed ** ************ ** * **** guaranteeing and ********* ************ *** ******************** ** PRIVATE ***** ******* ********** ******** ***** shoppers don't have ******* **** *** ********** computing ****** **** ** **** to ********* *** ******* accessibility dependability *** execution ** ***** ****** **** ****** have ***** their ****** business ********** **** ***** endowed ***** Security: ** ** ***** **** the security ***** *** assumed the **** ********** **** in ******** ***** ********* *************** ******* uncertainty putting **** information running your ******* on another person **** circle ********* ******* ****** *** seems overwhelming to * *** ** ****** ***** ***** customers must ***** ***** the ********* ****** ********* ************** *** incorporation While ****** ** *** ***** can ********** ****** the ********** **** ** **** raise the ******* ** information ************** ** the expense ** exchanging an ************* *********** ** *** from people in ******* and ***** ***** and *** expense *** every **** ** ********* ***** ******** *** ****** ** ** ****** Charging ****** *** versatile asset **** *** **** *** expense ********** **** ******** than ********* ****** farms ***** frequently ******* their expense ******* ****** ************ of ****** computingRISKS ** ****** ***** *********** ****** ************** party system *** bring ***** **** ** supplier's ********* ****** *********** *** ****** ********* ***** ** *** ******** ** ********** *** ** have ********* *** poor ****** ** *** ****************** **** of ***** ** the *** ****** that a **** ******* the ******* **** ** *** ******* ******* *** information ** *** client ** **** ********* **** **** **** **** cloud servers ***** **** high ************* ** programmed **** **** **** ******* ***** ******* can **** ** * ***** server on *** grounds **** **** ** ***** ******* ** ***** ***** ****** * **** client *** turn ** * cloud ****** ** a ****** ************ **** ****** ****** and might ** *********** **** imperceptible ****** *** ****** **** ******** ** ***** ***** ***** ********* ** ******* ** information ******** ****** ********* **** the ******* ********** ***** *** *** **** size *** ********* ******** overwhelmingly ******* ****** private ****** due ** ****** ******** ******* testing is an ********** sample ** * *********** *** ****** ** ******* ***** ** past ** *********** *********** **** *** dozen ******* to *** **** test ********** **** ** ********** ** HYBRID CLOUD ********** ************** **** ****** *********** ******* **** *********** and *************** in ***** ******** clouds ******* ********** ** ** customization Fragmented Control: ** is ***** ** keep ** ******* **** *********** *** *************** *** full control ** kept ** just in *** ******* ***** ******** The full ******* ** lost ** ******* ******* cloud ******** Accessibility: ********* information *** *************** over systems has ******* On *** off ****** **** *** system ** ************ ***** are ****** ** ******* ************** administrations ****** *********** ********* Public cloud ************ brings about critical ******** dangers Important ************ *********** and *************** *** ** ****** off ********** ****** ***** ********* ******** lawful ********** ******* *********** **** ** ********** basic in harms *** ******* information misfortune ****** ******* *** *** security *************** TECHNIQUESHaving *** *** **** ***** information *** ********* ****** is ************ *** element ******* **** **** ********** *** components ** ******* in ********** to *** ******** ****** ******** *********** *** other provision *** ***** movement ******* ***** The ******* control **** **** *********** ****** *** ********** *** ******** ** ****** ** adroit ******* ** *** given ********* ******* ******* **** **** ** ** a ******** to have **************** ** *** ******** between the client *** *** requisition and **** *** ***** ***** ***** ******* the ******** to ***** ******** *** information asks *** *** ******* ******* plan ***** properly do *** ** alternate things ** ***** ** doOnce *** ******* ******* plan has all the ********** data *** broke **** *** connection ** **** ***** *** structural ******** ** *** best ** ***** the *** ********* *** ******* ******* **** **** ************ ********** with *** ****** ***** ************* can be ******* as * ******* ** ******* and ******* *********** ****** that ***** ***** during ******** ** *** system (Gul ***** ******** *** ** **** *** ************ ********** *** analysis of ******** parameters for ********* ******* ******** objectives ** * ********** ** ***** ******** Analysis ** **** integrity and ************** Auditing *** *********** ** storage services for privacy ************** * strict ***** on ****** ********** **** ** implemented through ** ******** ********** ****** **** ** **** *********** for data stored· Proper ***** on ************** *** ************* ** *** ******* ************* ** ***** ********** ***** *** *********** *** ******** cloud based ************** ************** *** management ** ********* ********* System REFERENCES:Buyya ****** “Cloud Computing *** ******** IT ************ ******** **** ************************************************* ****** ****** ********* of *** new ** ************** ************ ******** from ***************************************************** ****** ******** ********* ******** *********** ******** from *************************************************************** ****** *********** ****** Auditability *** **** ******** *** ******* ******** in ***** ************ ******** from *********************************************************

Click here to download attached files: Case Study 1 Mitigating Cloud Computing Risks.docx
or Buy custom answer
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question