![Page 1: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/1.jpg)
Chapter 15
Managing Information
![Page 2: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/2.jpg)
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
![Page 3: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/3.jpg)
Chief Information Officer
• Align technology with business strategy
• Implement state-of-art solutions
• Provide and improve information access
![Page 4: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/4.jpg)
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
![Page 5: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/5.jpg)
IS Department and End Users
• Let them sink or swim (do nothing or educating)
• Use the stick (policies and procedures)– Steering committee
• Use carrot ( incentives)• Offer support
– Information center– Help desk
![Page 6: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/6.jpg)
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
![Page 7: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/7.jpg)
Control and Security
• Logical control
• Physical control
• Data control
• Communication control
• Administration control
• Application control
![Page 8: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/8.jpg)
Physical Control
• Location (traffic)
• Security (lock)
• Environmental (air)
• Fire
• Power
![Page 9: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/9.jpg)
Logical Control
• Photo
• Fingerprints
• Voice
• Eye
• Signature
• Password
![Page 10: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/10.jpg)
Data Control
• Minimal privilege
• Minimal exposure
![Page 11: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/11.jpg)
Communication Control
• Firewall
• Decryption
• Encryption
• Private & public key
![Page 12: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/12.jpg)
Administrative Control
• Policy
• Procedure
• Hardware
• Software
• Employee
• Data
![Page 13: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/13.jpg)
Application Control
• Input control
• Processing control
• Output control
![Page 14: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/14.jpg)
Agenda
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
![Page 15: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/15.jpg)
Contingency Mgmt
• NOT disaster recovery– Reactive, not proactive
• Worst case scenario– All our eggs in one basket– Natural disaster– Human error / sabotage
![Page 16: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/16.jpg)
Contingency Mgmt. Methods
• Disaster Recovery firm– Outsource strategic function?
• Off-line storage
• Data redundancy– Replicated databases– Fragmented databases
![Page 17: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/17.jpg)
Contingency Methods
• Back-up power generators
• “What if” scenarios– Military war games
• Scaled-down manual system
• Back-up / recovery procedures
![Page 18: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/18.jpg)
Contingency Methods
• Parallel systems
• Processing backup facility– Cold, warm, hot site
![Page 19: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/19.jpg)
Cardinal Health• Redundant systems for critical order
processing
• Redundant WAN trunks
• System data backed up daily– Backup media kept off-site
• Backup replica site– Different part of country– Switched on within 30 minutes
![Page 20: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/20.jpg)
Points to Remember
• Chief Information Officer
• IS Department and End Users
• Control & Security
• Contingency Management
![Page 21: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/21.jpg)
Discussion Questions
• What types of control do you have implemented in your organization?
• Tell us a Contingency Management war story– What happened?– How did the firm recover?– How could the situation have been
• Averted?• Mitigated?
![Page 22: Chapter 15 Managing Information. Agenda Chief Information Officer IS Department and End Users Control & Security Contingency Management](https://reader036.vdocument.in/reader036/viewer/2022062423/5697c02b1a28abf838cd863f/html5/thumbnails/22.jpg)
Assignment
• Review chapters 8-14
• Exam 2
• Group assignment
• Research paper & presentation