Download Presentation - Plante Moran
Download Presentation - Plante Moran
Download Presentation - Plante Moran
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Case Study - Risk Assessment<br />
Objective: C ontrols provide reasonable assurance that physical access to computer <br />
equipment, storage media, and program documentation is restricted to authorized <br />
personnel.<br />
What Can Go Wrong:<br />
Relevance<br />
Probability:<br />
Impact:<br />
Daily Weekly Monthly Quarterly Annually<br />
No Inmpact Nuisance Significant Crisis<br />
Key Controls<br />
1. Encrypted Mobiles devices / USB <br />
drives<br />
2. C ard controlled data center access<br />
3. Receptionist during business hours<br />
1. C omputer equipment (including mobile devices) lost or stollen.<br />
2. D ata storage U SB drives lost or stollen<br />
3. U nauthorized access to data center<br />
4. <br />
5.<br />
Designed <br />
Effectively<br />
Operating <br />
Effectively<br />
Test Results<br />
Yes Partially Exceptions Noted<br />
Yes<br />
Yes<br />
No exceptions <br />
noted<br />
Yes<br />
Yes<br />
No exceptions <br />
noted<br />
Conclusion Meets / Does Not Meet Risks O bjectives<br />
20