Instructions:

Module 4 - Case

ETHICAL, POLITICAL, AND SYSTEM MAINTENANCE ISSUES ON INFORMATION SECURITY

Case 4 is in two parts: information security standards and ethics.



Part I



Based on the reading materials at background section and your own research, prepare a 3-5 page report to address the following questions on ISO standards on information security management:



Describe the Plan-Do-Check-Act process.

What does this process accomplish?

Part II



Based on the reading materials at background section and your own research, prepare a 3-5 page report to answer the following questions



Discuss the difference between law and ethics;

Research the Sarbanes-Oxley Act of 2002 and discuss how it has impacted information security in an organization.

Assignment Expectations

Your paper should be from 6 to 10 pages long. Combine Parts I and II into a single report, labeling each part accordingly.



Your paper should provide a summary of your findings from the assigned materials and any good quality resources you can find. Please cite all sources and provide a reference list at the end of your paper. The following items will be assessed in particular:



Ability to consolidate ideas from reading materials.

Demonstration of your understanding of the process of how to manage and operate an information security management system.

The ability to express your ideas clearly.

Content:

Ethical, Political, and System Maintenance Issues on Information Security

Name:

Course:

Instructor:

Date:

PART I

Plan-Do-Check-Act (PDCA), invented by Dr. William Edwards Deming is an iterative approach that has four stages that can be used for the continuous improvement of products, process and services and also in problem-solving. It is generally for testing the solutions that look possible, result assessment and putting into work those that seem to work. The developer of this process, Deming aimed to find and identify the causes that led to the failure of products such that they did not meet the expectations of the customers. It helps businesses to identify what need to be changed and then put them into a continuous feedback loop.

According to Mind Tools Editorial Team, the PDCA has got four stages; Plan, Do, Check and Act. The Plan phase involves identification and understanding of the problem or opportunity that the business would want to take advantage of. The simplex process gives the first six steps that can be very helpful in this. It guides through the process of information exploration, problem definition, ideas generation and screening and plan implementation. This stage is finalized by a quantitative statement of the expectations.

In the Do stage, a small-scale pilot project is used to test after the identification of the possible potential solutions. What this ...