Page 361 -
P. 361

360 Part Two  Information Technology Infrastructure





        Hands-On MIS Projects

        The projects in this section give you hands-on experience analyzing security  vulnerabilities, using
          spreadsheet software for risk analysis, and using Web tools to research security  outsourcing services.



        Management Decision Problems

        1.  K2 Network operates online game sites used by about 16 million people in over 100 countries. Players are
           allowed to enter a game for free, but must buy digital “assets” from K2, such as swords to fight dragons, if
           they want to be deeply involved. The games can accommodate millions of players at once and are played
           simultaneously by people all over the world. Prepare a security analysis for this Internet-based business.
           What kinds of threats should it anticipate? What would be their impact on the business? What steps can it
           take to prevent damage to its Web sites and continuing operations?
        2. A survey of your firm's IT infastructure has identified a number of security  vulnerabilities. Review the data
           on these vulnerabilities, which can be found in a table in MyMISLab. Use the table to answer the following
           questions:

           •  Calculate the total number of vulnerabilities for each platform. What is the potential impact of the security
             problems for each computing platform on the organization?
           •  If you only have one information systems specialist in charge of security, which  platforms should you
             address first in trying to eliminate these vulnerabilities? Second? Third? Last? Why?
           •  Identify the types of control problems illustrated by these vulnerabilities and explain the measures that
             should be taken to solve them.
           •  What does your firm risk by ignoring the security vulnerabilities identified?

        Improving Decision Making: Using Spreadsheet Software to Perform a
        Security Risk Assessment

        Software skills: Spreadsheet formulas and charts
        Business skills: Risk assessment
        This project uses spreadsheet software to calculate anticipated annual losses from various security threats
        identified for a small company.
           Mercer Paints is a paint manufacturing company located in Alabama that uses a  network to link its
          business operations. A security risk assessment requested by management  identified a number of potential
        exposures. These exposures, their associated probabilities, and average losses are summarized in a table,
        which can be found in MyMISLab. Use the table to answer the following questions:

           •  In addition to the potential exposures listed, identify at least three other potential threats to Mercer Paints,
             assign probabilities, and estimate a loss range.
           •  Use spreadsheet software and the risk assessment data to calculate the expected annual loss for each
             exposure.
           •  Present your findings in the form of a chart. Which control points have the greatest  vulnerability? What
             recommendations would you make to Mercer Paints? Prepare a written report that summarizes your
               findings and recommendations.



















   MIS_13_Ch_08 Global.indd   360                                                                             1/17/2013   3:10:24 PM
   356   357   358   359   360   361   362   363   364   365   366