1. The Cost of Doing Security Business. Providing security for an organization can be a costly venture. The cost of safeguarding our information and resources should never exceed the value of that information and resource. As an MIS manager we are forced to make some very tough decisions each day. Based on what you read in chapter 10 or researched online, select a security measure that you feel may be too costly and/or provides only minimized benefit and explain why. Try to discuss this from a different perspective than your classmates, if possible.
2. Answer all even-numbered “Review Questions” at the end of Chapters 9 (page 387) and 10 (page 438) from Information Systems Today: Managing the Digital World in complete, grammatically correct sentences. Number each question to correspond to the number on the question being answered and submit a single Microsoft Word compatible document with all answers.
9-1. Describe the productivity paradox.
9-2. Describe how to make a successful business case, contrasting faith-, fear-, and fact-based arguments.
9-3. Compare and contrast tangible and intangible benefits and costs. (MyLab MIS)
9-4. What are the four phases of the systems development life cycle (SDLC)?
9-5. List and describe five techniques used in requirements collection. (MyLab MIS)
9-6. What are the three major components/tasks of the systems design phase of the SDLC?
9-7. What are the four options for system conversion? How do they differ from each other?
9-8. Compare and contrast the four types of systems maintenance. (MyLab MIS)
9-9. Describe the two key questions related to outsourcing.
9-10. List and describe two main types of software licenses.
Page 438
10-1. List and describe the primary threats to IS security.
10-2. Define computer crime and list several examples of computer crime. (MyLab MIS)
10-3. Explain the purpose of the Computer Fraud and Abuse Act of 1986 and the Electronic Communications Privacy Act of 1986.
10-4. Contrast hackers versus crackers.
10-5. Why are insider threats particularly dangerous for organizations? (MyLab MIS)
10-6. Define malware and give several examples.
10-7. Define and contrast cyberharassment, cyberstalking, and cyberbullying.
10-8. Define and contrast cyberwar and cyberterrorism.
10-9. What are physical access restrictions, and how do they make an information system more secure?
10-10. Describe several methods for preventing and/ or managing the spread of computer viruses.
10-11. Describe three human-based controls for safeguarding information systems.
10-12. Describe the process of managing IS security. (MyLab MIS)
10-13. Describe how the SarbanesOxley Act affects the IS security of an organization.
