A)
Risk handling techniques: avoiding, sharing/transferring, mitigating, and accepting
Part 1: Risk Handling – The mailbox decision.
You live in a small community. In the last week, several mailboxes were destroyed by an unknown threat. How are you going to handle the potential risk of your mailbox being destroyed in the future? Justify at least one potential strategy for each risk handling technique. Recommend the best strategy and explain why you chose it. This week is an individual assignment. No replies are required. Keep this report to no more than one page.
Part 2: Select the law that you think is the most important to you and explain why.
Federal Information Security Modernization Act (FISMA)
Health Insurance Portability and Accountability Act (HIPAA)
Gramm-Leach-Bliley Act (GLBA)
Sarbanes-Oxley Act (SOX)
Family Educational Rights and Privacy Act (FERPA)
Children’s Internet Protection Act (CIPA)
Children’s Online Privacy Protection Act (COPPA)
Part 3: Risk Management. “Risk Management is not Risk Elimination”. What does this mean? Do you agree or disagree with the statement? Defend your answer. Note: This is not a yes/no question.
Part 4: Securing Credit Card Data. Research a company that had a credit card breach. Here are five, but you can pick any company.
Summarize the primary risks/issues in the case study.
Identify up to three PCI DSS requirements that the company violated.
Identify up to three mitigations the company could have implemented.