CMGT v1

Risk Assessment – C-Suite Group Tasks

CMGT/545 v1

Page 2 of 2

Risk Assessment – C-Suite Group Tasks

Research

Research the following items to assist in negotiating an appropriate risk assessment for Intuit, Inc.’s cloud-based applications project:

Laws and regulations to consider when implementing security controls: In certain industries, these laws are mandatory and have legal consequences such as PCI DSS, HIPPA, FERPA, SOX, etc.

Industry standards and what other competitors in the same business are doing, for example, “company ABC are implementing a 2-factor authentication and encryption so we’re doing it too”

Ensure the following items are taken into consideration when negotiating:

The company has reasonable protections in place for security of their information system.

Budget, time, and resources (human resources; computer, network, and system resources) are allocated appropriately and utilized efficiently. The team needs to be able to measure the project’s success by creating a measurable matrix or KPIs.

There a balance between security and convenience that won’t interrupt day-to-day activities.

Information security policy is approved by upper management and enforced throughout the company (with the help of the IT department).

Summary

Write a summary of your research findings.

Copyright 2020 by University of Phoenix. All rights reserved.

The post CMGT v1 Risk Assessment – C-Suite Group Tasks CMGT/545 v1 Page 2 appeared first on PapersSpot.