APA Final Paper, planning for information security, computer science homework help

User Generated

inzfuvzbantnev

Computer Science

Description

Please combine all the papers in to single APA paper so that all the points in the below description is successfully organized...

The Structured External Assignment for this class will be the compilation of a completed Business Continuity Plan from the materials produced through the block. The Business Continuity Plan will be organized as follows :

  • Management overview
  • Business Continuity Plan deployment instructions
  • Maintenance log
  • Contact list
  • Index
    • An index page
    • One section for each scenario covered in the Business Continuity Plan
  • Supporting documentation
    • BCP Policies
    • Completed Business Impact Analysis
    • Preventive Control recommendations
    • Test Plan
    • Change control process

The final Business Continuity Plan will be in a format presentable to management. Instructions contained in the document should be clear, simple, and usable by people responsible for implementing the plan.

W1 = week 1 paper, W4= week 4 paper, W5 is week 5 paper


Unformatted Attachment Preview

Running head: SanGrafix on BCP 1 SanGrafix on BCP SEC-6010 - Planning for Information Security SanGrafix on BCP 2 Introduction SanGrafix is a video and game designing company which is in San Francisco, CA. SanGrafix is a company which deals with games, visual and other video related works. Considering the real world, the company has adopted the latest technology in the market which are available. Besides that, our company came up with an idea that, in the real competition world there are many companies which gives a tough competition in same field and to sustain from the competition there should be a special case so that company will gain some profits rather than fluctuating. So, there was secondary location in Sunnyvale, CA which works especially on Gaming Designing and product stuff. Therefore, the company has built up a BCP i.e. Business Continuity Plan and a proper Disaster recovery plan. Likewise, we have to implement new risk evaluation techniques so that, whenever the company was in low stages each and every employee must tackle the situation and learn how to resolve it and more important thing is staying from cybercrimes or virus which are generally called cyberattacks. Policy and Policy Statement The policy of Sangrafix was like a proper BCP should be implemented, a proper analysis risks should be done to implement BCP. Updating the BCP should be done with change in the trend. Results should be observed only after BCP implementation to see the results. People who are working in the company especially like Q&A follows particular standards and don’t fall under the threshold value. Because if they fall below the threshold value, then the company will not sustain for a long time. SanGrafix on BCP 3 Communicating with Employees The company should train the people or the employee regarding the BCP. Before assigning the work to the employees, they have to educate them and organization should conduct meetings, notify in notice board. Main Criteria Sales and Marketing Media Marketing should be done in different ways. One of the main marketing way is social media like Facebook, Instagram, Snapchat, webchat etc. Because most of the people are involved in many social networking sites. People will be playing many online games and we have to identify what modes of games were played the people and then we start designing such kind of games. When this happens only, the sales will be done in good amount. Nearly 40 employees are working in the company in sales and marketing section. Let us see what kind of games does people may according to the ages. 35% word games (18-22 years)- Men 50% adventure games (13-17 years)- Women 30% shooting games18-22 years)-Men 43% sporting games 13-17 years)- Women 30% sport games (18-22 years)-Men 20% sea games (13-17 years)- Women Table 1: Games played for both Men and Women Accounting and pay roll The accounts department is the most important department that each employee love because the pay will be done in an exact and fare manner. I pay will be credited in bank account SanGrafix on BCP 4 directly. All the financial works and companies’ profits and losses are taken care of by the accounts department. 10 employees work in accounts department. Verification or simulation of Game The main function is to verify the game is simulation is done in a proper way or not. If we find any faults or errors, then the QA will send to testing department to fix the errors and resend it back. A special team was allotted to do this fixing work with typical software. Research and Development SanGrafix has 48 employees in Research and development department. The main important work of the employees is to research in the present world, what people are preferring in games. They have to come up with a brand-new thought so that company must be benefited. Moreover, they must be back off new technology and update their work with technology. The ultimate motto is to sustain when compared to the competitors. Order processing, Shipping and Receiving SanGrafix has huge team under this department. 36 employees were working in the department to take of online orders and shipping the product to the customer and take care until the product is reached to the customer. Because if we take care about the customer then we can builda good business relationship with the customer. So, a huge infrastructure is setup like pc’s, phones and huge database to store the info of customers. This department is one of the main important branch to increases sales and income. SanGrafix on BCP 5 Technical Services The Tech department in the company serves a major department which will be updated with present technology. The emerging technology should be implemented with evolving technology. This department re-modifies the games with new features. So parallelly, the BCP should be in updated according o the changes made in gaming tech. 20 employees are working in the Technical support department. Security Protection and security measures must be taken to protect the protocols, database and other company property. A strong security system should be installed. A 24 hours security systems and detectors should be done. A full check of employees and other people should be done while they leave office. Because no one should carry out the company property. Upper Management The upper management consists of President, Vice-president and CEO. These supervisors are in charge of controlling and managing the whole association. They create objectives, vital plans, organization arrangements, and settle on choices on the bearing of the business. Furthermore, best level supervisors assume a noteworthy part in the preparation of outside assets. Best level directors are responsible to the investors and overall population. Secretarial and office management The main important work of a secretary change by industry or business, however a few undertakings are basic to many work settings. All in all, secretaries perform essential administrative, authoritative and office duties regarding an association or division, (Kokemuller, SanGrafix on BCP N, 2010). 6 Besides that, the office management will be taking care of maintenance, installation, analysis etc. The management people are so skilled people with much more training. 20 employees were working in Secretarial and office management department. Customer Relations and Support Each organization will be dealing with the adored clients. In like manner, we do have client relations and bolster office and just about 30 representatives were working under this division. The workers will be prepared in a way that practices, procedures, advancements that organization use to oversee and do a break down client and noting them about the item which they acquired. The objective is to keep up a decent business association with the client. On an entire, fulfilling the client objectives proficiently is the fundamental thought process. Along these lines, a major setup was introduced like calls, database for data and so forth. Full OC 3 Internet Network OC 3 innovation is transmission capacity which is formally called Optical Carrier 3 since it will be conveying the information on third level of synchronous optical system. This administration is given to the associations, where they require a truly rapid web, high dependable and incredible transmission capacity of speed. In this way, this innovation was setup in the organization so that there ought to be no issue regarding web. Damage Recovery and Necessary Action Damage Assessment is the deliberate procedure of deciding and evaluating the nature and degree of misfortune, enduring as well as mischief to a group coming about because of normal or human-made calamities. Damage appraisal is worried about deciding the who, what, where, SanGrafix on BCP when, and how of a calamity and is a basic piece of the basic leadership handle. Appropriately evaluating damages can: (Stout. J, 2013). 1. Provide a knowledge base to help leaders in deciding fitting game-plans and the assets required for viable reaction and recuperation. 2. Provide data to help with recognizing risk alleviation undertakings or exercises to reduce the effects of future debacles. 3. Keep general society precisely educated with respect to the greatness of the occasion and any accessible help. Damage evaluation delivers an expressive measure of the seriousness and greatness of the calamity. Reaction prerequisites and capacities, adequacy of beginning reaction operations, and necessities for supplemental help can be controlled by evaluating damage instantly following a debacle. 4. Hardware not functioning properly. 7 SanGrafix on BCP 8 Conclusion BCP will be received to enhance the productivity and ensure that all the administration will be following the arrangement, every one of the exercises which are actualized in the above paper are exceptionally pivotal and critical. Every movement has its own particular criteria and reliant on each different division. SanGrafix on BCP 9 References Kokemuller, N. (2010). List of the Duties of a Secretary. Available: http://work.chron.com/listduties-secretary-6774.html. Last accessed 9th July 2017. Stout, J. (2013). Natural Disaster Preparedness. Available: http://www.prosourcetech.com/images/misc/3_FINAL.pdf. Last accessed 7/9/2017 Hayes, R. (2014). Retail security and loss prevention. Butterworth-Heinemann. Hiles, A. (2011). The definitive handbook of business continuity management. Hoboken, N.J: Wiley. Tammineedi, R. L. (2010). Business continuity management: A standards-based approach. Information Security Journal: A Global Perspective, 19(1), 36-50. Running head: SanGrafix For Preventive Controls Preventative control methods Planning for Information Security Introduction We all know that “Prevention is better than Cure”. Likewise, we have to prevent our belongings before they face the danger. Not only about our belongings but also places where we work, we have to take care of. We are discussing about the SanGrafix Company, so we will discuss about 1 SanGrafix For Preventive Controls 2 the prevention methods that we have to plan and setup. Well when a company is established, they will also plan the prevention methods when company is in danger. Some of the measures are electrical breakdown, security system, CC Cameras, Alarms, Smoke detectors, Water detectors, server checkups etc. This paper describes about how SanGrafix had implemented the prevention measures and how it planned to reduce the risks and dangers. Control measures for electrical breakdown Electrical breakdown is one of the main factors where companies have to concern because if electricity was not supplied to the organization, then whole system will not work out. The production will be stopped. So In order to eradicate this, we have to think about the alternate options. Alternate Generator For instance, Suppose a electrical breakdown occurs and there should a another alternative called generator should be arranged. We should not stop the productivity. It is one of the best alternative to produce the electricity. Generators have a special property that it automatically switch on when the electricity was down. Second alternative UPS UPS is Uninterruptible power supply. It is connected to the computers. Whenever the electricity was down suddenly, the computer will not shut down. The UPS provides back up for the system. This helps the system from losing information from sudden breakdown of electricity. The UPS SanGrafix For Preventive Controls 3 will be charged for certain time so that later when the power is terminates, it starts generating for the system. There are different kinds of UPS which supports systems, whole company depending upon the capacity. Control measures from fire SanGrafix have to take care regarding the Fire accidents and its prevention methods. There should be highly improved equipment to detect the fire accidents in the company. The fire controls systems have to detect as soon as possible. So, that fire accidents can be eradicated. The detecting systems must alarm regarding the fire. Fire sensors must be so active and that alarms to the people. Control measure of Water Leakage Water leakage is another important factor where we have to take prevention. We have to setup water sensing systems in the office, data server rooms etc. All these steps are to detect the problem. The two normal sorts of water spill discovery systems incorporate point location and direct recognition. Point recognition functions admirably in restricted ranges, for example, stockpiling and lift shafts; a customizable test is introduced to fit the level of security required (Baskerville et al., 2014). By arranging waterproof elements in the company, which eliminates the ratio of occurrence. Emergency Exits SanGrafix For Preventive Controls 4 Emergency exits are the ways where we have to exit, when there is an emergency. This exit opens when they on the emergency switched on. When there is a fire accidents, water accidents, power failure etc. Conclusion SanGrafix For Preventive Controls 5 On a whole note, the above mentioned points and control methods were implemented and SanGraFix will improve in the all aspects like fire, water, preventive etc. Implementing the preventive methods from disasters. References SanGrafix For Preventive Controls Baskerville, R., Spagnoletti, P.& Kim, J. (2014). Incident-centered information security: Managing a strategic balance between prevention and response. Information & management, 51(1), 138-151. Peltier, T. R. (2013). Information security fundamentals.CRC Press. Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals. Newness. Sadgrove, K. (2016). The complete guide to business risk management.Routledge. Watts Jr, J. M. (2016).Fire risk indexing.In SFPE Handbook of Fire Protection Engineering (pp. 3158-3182).Springer New York. 6 Running head: BIA for SanGrafix 1 Assignment: BIA for SanGrafix Planning for Information Security BIA for SanGrafix 2 Overview I would like to give a review regarding Business Impact Analysis (BIA). SanGrafix uses this as a secret plan when they are in downfall stage. The organization implements this planning to overcome the difficulties very soon so that they have to sustain in the present corporate world. Most of the companies like SanGrafix, where specially works on Gaming and design uses ultramodern equipment and technology to design a game or to build a game. Therefore, using such kind of equipment and all may affect the production or rise some technical issues and other mess. While initiating a design, SanGrafix sets a good BCP i.e. Business Continuity Plan to overcome any emergency issues, technical issues and other Fraud issues like virus’s attacks, hacking for data etc. Purpose The main purpose of Business Impact Analysis is to give a report on finance, accounting, and all other investments that were done on frames to enhances the company. This BIA gives a clear-cut analysis, where to concentrate and how to come up with positivity and grew in it. Moreover, Budgets were also included in the report. System Description SanGrafix was in San Francisco, CA and its child company was located in Sunnyvale, CA. The SanGrafix company was collaborated with OC3 internet service providers. They are one of the best internet provider. Moreover, the programmers will face a great challenge with virus attacks and other cyber-attacks. I will be listing the department and number of employees working in SanGrafix. BIA for SanGrafix 3 Section Number of employees Accounting and Payroll 16 Research and Development 48 Sales and Marketing 40 Order Processing, Shipping, and 36 Receiving Secretarial and office 20 management staff Upper management 10 Customer Relations and Support 30 Technology Support 20 Total 220 BIA Data Collection Working with input from users, managers, mission/business process owners, and other internal or external points of contact (POC), the mission/business processes that depend on or support the information system. Processes Description E-commerce is one of the main online business E-commerce processes where customers purchases like business to customers process. BIA for SanGrafix Processes 4 Description Now a day’s email conversations are main source E-mail based communications to communicate. They will be secured and conversations are kept confidential. Virtual contacts with the customers and reply On-line real-time customer services through webchat etc. Quality control will be notifying the number of Quality control mechanisms flaws in the designed program. Questions related to the customers are collected and Customer service handling stored. Tech support will be supporting customer via calls Maintenance and support services and sort out the problems. Amount of sales information is collected and Sales and sales administration administrated in a proper way. Finance and treasury All expenditure and investment are spent in Research and development activities R&D will look after new research HR Management will be looking after employees Human resources management and their needs Data related to current versions of software are to Information technology services be collected. BIA for SanGrafix 5 Outage Impacts The following impact categories represent important areas for consideration in the event of a disruption or impact. Impact category: Equipment/Data Loss Impact values for assessing category impact: • Severe = $2,500,000.00 • Moderate = $500,000.00 • Minimal = $100,000.00 The below table describes the business process and its impact category of the unavailable system. Business Process Impact Category E-commerce processes B Communications via E-mail A On-line real-time customer services C Production line B Production processes C Mechanisms related to quality A control BIA for SanGrafix 6 Customer service handling C Maintenance services B Sales and sales administration B Finance and treasury C R&D activities B Human resources management A Information technology services B Premises (Head Office and C branches) Marketing and PR B Accounting and reporting B Activities related to planning and C strategy Audits within the Company • 1-A • 2-B • 3-4 – C C BIA for SanGrafix 7 Estimated Downtime Estimated downtime work directly with the managers, stakeholders, clients and owners of the business because of a disruptive event. 1. MTD-Maximum Tolerable Downtime:It explains about how much time does supervisor or manager allocates time to the respective project or respective business system. 2. RTO-Recovery Time Objective:RTO describes about the resources which are unavailable system and it supports the MTD. 3. RPO-Recovery Point Objective: RPO describes about the time to comeback from the downfall of the company in a strategic process. I can provide a brief analysis on MTD, RTO, RPO in a tabular format. So that a proper allocation of time can be determined. Processes MTD (hrs) RTO (hrs) RPO (hrs) E-commerce processes 11 5 24 E-mail based communications 12 7 21 On-line real-time customer services 5 2 10 Production line 6 8 10 Production processes 7 3 11 Quality control process 2 7 20 Customer service handling 5 1 2 BIA for SanGrafix 8 Maintenance and support services 2 1 24 Sales & sales administration 8 4 48 Finance & treasury 8 4 72 Research & development activities 21 21 21 Human resources management 48 24 72 Information technology services 10 12 24 Offices 72 48 90 Marketing & PR 72 48 90 Accounting & reporting 72 48 90 72 48 72 48 Strategic & business planning 90 activities Internal audit 90 Resource Requirements The following table identifies the resources, which including hardware, software, and other resources such as data files. Platform/Operating Components Description System/Version Web Server No.1 Full OC3 internet service Web Site Host BIA for SanGrafix 9 providers Recovery Priorities The below table describes the RTO in hours, which is listed the resources in order to recover. Priority System Component Web Server No.1 Full OC3 internet server Recovery Time Objective 24 hrs to rebuild or replace provider BIA for SanGrafix 10 Conclusion On a whole note, I would like to conclude that a proper Business impact analysis (BIA) explains all about the things how a company should take a proper step to eradicate problems. Keeping issues in the mind and resolve according to it. BIA for SanGrafix 11 Reference Cerullo, V., & Cerullo, M. J. (2004). Business continuity planning: A comprehensive approach. Information Systems Management, 21(3), 70-78. Goh, M. H. (2008). Managing your business continuity planning project. Singapore: GMH Pte Ltd. Kildow, B. A. (2011). A supply chain management guide to business continuity. New York: American Management Association. Tammineedi, R. L. (2010). Business continuity management: A standards-based approach. Information Security Journal: A Global Perspective, 19(1), 36-50. Stout, J. (2013). Natural Disaster Preparedness. Available: http://www.prosourcetech.com/images/misc/3_FINAL.pdf. Last accessed 7/9/2017 Running head: Structured Assignment- Risk Assessment Structured Assignment – Risk Assessment Planning for Information Security 1 Structured Assignment- Risk Assessment 2 Introduction SanGrafix is a video and game designing company which is in San Francisco, CA. SanGrafix is a company which deals with games, visual and other video related works. Considering the real world, the company has adopted the latest technology in the market which are available. Besides that, our company came up with an idea that, in the real competition world there are many companies which gives a tough competition in same field and to sustain from the competition there should be a special case so that company will gain some profits rather than fluctuating. So, there was secondary location in Sunnyvale, CA which works especially on Gaming Designing and product stuff. Therefore, the company has built up a BCP i.e. Business Continuity Plan and a proper Disaster recovery plan. Likewise, we have to implement new risk evaluation techniques so that, whenever the company was in low stages each and every employee must tackle the situation and learn how to resolve it and more important thing is staying from cybercrimes or virus which are generally called cyberattacks. Business Process Identification Worksheet Form # BPID01 Page __1__ of __4___ Business Name: SanGrafix Contact: Address: Sunnyvale, CA Phone number: Facility # 001 E-mail: Business Process Priority Department Assets Used Money Recovering N Sales Deposits and Withdraw transactions Sales Administration C Accounting Bills receipt Structured Assignment- Risk Assessment 3 Implementing New devices C Production New installing pcs, cc cameras etc Raw Material Supplies N Transport Trucks, Internet, Phones Conversation between purchasers and Workers C Communication Mails, hangouts, Skypes messages etc Pay checks C Accounting Bills, checks. Maintenance C Cleaning Brooms, bathroom cleaning liquids, floor cleaning equipment’s etc Systems maintenance N IT Antivirus program, Internet connection, operating systems updates, tools New designs N Advertising and marketing Seminars, Speeches, Activities, TV adds, filers Implantation of latest hardware C Procurement credit cards and bills Call centers and BPO ’s C Public Relations Company websites and Holdings on main streets etc. Asset Identification Worksheet Form # AID01 Page __2__ of __4___ Business Name: SanGraffix Contact: Address: Sunnyvale, CA Phone Number: Facility # 001 E-mail: Asset In built Infrastructure Quantity Department or Location Value Priority ALL $7,400 C Structured Assignment- Risk Assessment 4 Electricity 1200MW per month ALL $10,000 C Routers 10 ALL $1200 C CD’s , USB, flash cards 80 ALL $ 295 D RAM and Processors 90 ALL $7000 C Modems 7 6 $ 400 N LED Screens 8 62 $1500 N LAN wires 150 ALL $5000 C Softwares 80 ALL $ 1800 C PC’s 120 ALL $ 100000 C Power Generators 2 ALL $ 15000 C generator Threat Identification and Assessment Worksheet Form # TIDA01 Page __3__ of __4___ Business Name: SanGrafix Contact: Address: Sunnyvale, CA Phone number: Facility # 001 E-mail: Threat POC Assets Affected Consequence (C, S, M, I) Severity (C, S, M, I) Accidents 4 Vehicles, employees, machinery C C Own respocnsibilities 5 Documents, equipment S C Structured Assignment- Risk Assessment 5 Malicious Factors 3 Personnel, equipment, Property, others private property M C Power outage 6 Machinery S S Geographical Factors 5 Workers, Building, machinery S M Physical Factors 5 Buildings, equipment, Electronics C C Threat Mitigation Worksheet Form # TM01 Page _4___ of __4___ Business Name: SanGrafix Contact: address: Sunnyvale, CA Phone number: Facility # 001 E-mail: Asset Threat Mitigation Techniques Computers Electric Failure, Virus attack Use UPS to keep your computer on in case of power outage. Use a good antivirus In built infrastructure Fire outbreaks, Introduce fire quenchers LAN wiring Systems, slow internet Utilize top notch links and instruct the clients on the most proficient method to associate them Power Natural calamities, physical Factors Introduce circuit breakers and uninterruptible Power Supply to help check electric disabling. Routers Physical Factors and electric failure Introduce switches where they can't be effortlessly harmed Ram and Processor electric failure Utilize excellent circuit breakers to avert harm if there should be an occurrence of energy separate Structured Assignment- Risk Assessment 6 Software’s and applications Virus attacks and Refresh the product consequently and utilize the good drivers Assembled HD’s Spreads malware Utilize a decent infection finder to monitor your ports Generator power supply Natural Calamities geographical and physical factors Utilize a decent infection finder to monitor your ports Guarantee that the generator or sun based boards are looked after routinely Structured Assignment- Risk Assessment 7 Conclusion On a whole, I would like to conclude that the above-mentioned cases for risk assessment on SanGrafix is as simple as that but with a clean and neat complex process. All the sheets explain how threats are concerned and other costs to the facilities. Structured Assignment- Risk Assessment 8 References Rob, B, CMIOSH, DipNEBOSH, M. (January 21, 2013). The Five Step Guide to Risk Assessment. Available: https://rospaworkplacesafety.com/2013/01/21/what-is-a-risk-assessment/. Last accessed 07/21/2017. Running head: Business Recovery Plan Business Recovery Plan Business Recovery Plan Planning for Information Security 1 Business Recovery Plan 2 Business Function Virus attacks and malware detection and the system stores the information section. Problem: If once the virus attacks the system and if they are effected then, it is waste to protect them because, it does not help in anyway. Description: The recovery plan which describes how to protect system from foreign attackers. Many of them attack on the data or the main information. It describes how to protect from foreign attackers. Immediate Action: 1. Install an anti-virus. If you observe anything fishy without your permission in your system. Then reach out to the IT corridor and networking technician so that they can take an immediate action. 2. The information must be stored in big data storage. All computers should be shared and whatever the information they are putting in must be saved at one place. So that if cyberattacks happens, there is no chance of attacking a particular system. 3. No internet should be provided to the system and especially those systems with more affected to hacking websites. Moreover, a small amount of data rate can be accessed. Contacting the persons who are in primary and secondary support. Business Recovery Plan 3 Primary Support: Kevin Secondary Support: Kyrie Mitigation Actions: 1. First, do not let your computer run. Turn it off as soon as possible. 2. Remove all the files which are already effected by virus and make sure that they should not affect other storage devices. 3. As I said earlier, make sure that, do not use one system components to another system components. Recovery Actions: Install another virus protection software and regularly check for updates. Scan the computer and remove the virus suing directions from the new anti-virus software. Use the backup external hard disk to recover files.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Hello buddy, I need an extension of deadline by one hour so that I can fully complete your paper. I found many grammatical errors in the papers and it has forced me to correct all of them one by one. I am thus almost finishing. I have attached an outline and a section of the already completed part. Please tell me if you need the Table of Contents and an Abstract or Executive Summary. Hope you will understand. In case of any issues, Just contact me before making any move. Am sending the full paper in less than an hour's time. Thank you

Planning For Information Security at SanGrafix
Chapter One: SanGrafix on BCP
Introduction

Error! Bookmark not defined.

Error! Bookmark not defined.

Policy and Policy Statement Error! Bookmark not defined.
Communicating with Employees

Error! Bookmark not defined.

Sales and Marketing Media Error! Bookmark not defined.
Accounting and Pay Roll

Error! Bookmark not defined.

Verification or Simulation of Game Error! Bookmark not defined.
Research and Development

Error! Bookmark not defined.

Order Processing, Shipping, and Receiving Error! Bookmark not defined.
Technical Services
Security

Error! Bookmark not defined.

Error! Bookmark not defined.

Upper Management

Error! Bookmark not defined.

Secretarial and Office Management Error! Bookmark not defined.
Customer Relations and Support

Error! Bookmark not defined.

Full OC 3 Internet Network Error! Bookmark not defined.
Damage Recovery and Necessary Action
Conclusion

Error! Bookmark not defined.

Error! Bookmark not defined.

Chapter Two: Preventative Control Methods Error! Bookmark not defined.
Introduction

Error! Bookmark not defined.

Control Measures for Electrical Breakdown Error! Bookmark not defined.
Alternate Generator

Error! Bookmark not defined.

Second Alternative UPS

Error! Bookmark not defined.

Control Measures from Fire Error! Bookmark not defined.
Control Measure of Water Leakage Error! Bookmark not defined.
Emergency Exits
Conclusion

Error! Bookmark not defined.

Error! Bookmark not defined.


Running head: PLANNING FOR INFORMATION SECURITY

Planning For Information Security at SanGrafix
Students Name
Institutional Affiliation
Professor’s Name
Date of Submission

1

PLANNING FOR INFORMATION SECURITY

2

Table of Contents
Chapter One: SanGrafix on BCP .................................................................................................................. 4
Introduction ............................................................................................................................................. 4
Policy and Policy Statement ................................................................................................................... 4
Communicating with Employees ........................................................................................................... 5
Sales and Marketing Media ................................................................................................................... 5
Accounting and Pay Roll ........................................................................................................................ 6
Verification or Simulation of Game ...................................................................................................... 6
Research and Development .................................................................................................................... 6
Order Processing, Shipping, and Receiving ......................................................................................... 6
Technical Services ................................................................................................................................... 6
Security .................................................................................................................................................... 7
Upper Management ................................................................................................................................ 7
Secretarial and Office Management ...................................................................................................... 7
Customer Relations and Support .......................................................................................................... 8
Full OC 3 Internet Network ................................................................................................................... 8
Damage Recovery and Necessary Action .............................................................................................. 8
Conclusion ............................................................................................................................................... 9
Chapter Two: Preventative Control Methods ............................................................................................... 9
Introduction ............................................................................................................................................... 9
Control Measures for Electrical Breakdown...................................................................................... 10
Alternate Generator.............................................................................................................................. 10
Second Alternative UPS ....................................................................................................................... 10
Control Measures from Fire ................................................................................................................ 10
Control Measure of Water Leakage .................................................................................................... 11
Emergency Exits.................................................................................................................................... 11

PLANNING FOR INFORMATION SECURITY

3

Conclusion ............................................................................................................................................. 11

PLANNING FOR INFORMATION SECURITY

4

Chapter One: SanGrafix on BCP
Introduction
SanGrafix is a video and game designing company, which is in San Francisco; CA.
SanGrafix is a company, which deals with games, visual and other video related works.
Considering the real world, the company has adopted the latest technology in the market, which
are available. Besides that, our company came up with an idea that in the real competitive world,
there are many companies, which give a tough competition in the same field, and to sustain from
the competition there should be a special case so that company will gain some profits rather than
fluctuate. Therefore, there was a secondary location in Sunnyvale, CA that works especially on
Gaming Designing and product stuff. Therefore, the company has built up a Business Continuity
Plan (BCP) and a proper Disaster Recovery Plan (DRP). Likewise, we have to implement new
risk evaluation techniques so that, whenever the company was in low stages each and every
employee must tackle the situation and learn how to resolve it and more important thing is
staying from cyber crimes or virus which are generally called cyber attacks.
Policy and Policy Statement
The policy of Sangrafix states that a proper BCP should be implemented. A proper
analysis risks should be done to implement BCP. Updating the BCP should be done with a
change in the trend. Results should be observed only after BCP implementation to see the results.
People who are working in the company especially the Q&A should follow particular standards
and should not fall under the threshold value. If they fall below the threshold value, then the
company will not be sustainable for a long time.

PLANNING FOR INFORMATION SECURITY

5

Communicating with Employees
The company should train the people or the employee regarding the BCP. Before
assigning the work to the employees, they have to educate them and organization should conduct
meetings, notify in notice board.
Sales and Marketing Media
Marketing should be done in different ways. One of the main marketing ways is social
media like Facebook, Instagram, Snapchat, and web chat. These sites are good for marketing
because most of the people are involved in many social networking sites. People will be playing
many online games. There is need to identify what modes of games are played by people. This
should be followed by designing such kind of games. When this happens, the sales will be done
in good amount. There are 40 employees working in the company in sales and marketing
department. Below is a list of the games people play:
35% word games

(18-22 years)-

Men

50% adventure games (13-17 years)Women

30% shooting games18-22 years)Men

43% sporting games

13-17 years)-

Women
30% sport games (18-22 years)-Men

20% sea games
Women

Table 1: Games played for both Men and Women

(13-17 years)-

PLANNING FOR INFORMATION SECURITY

6

Accounting and Pay Roll
The accounts department is the most important department that each employee loves
because payment is done in an exact and fair manner. Employee’s pay will be credited in bank
account directly. All the financial works and company profits and losses are taken care of by the
accounts department. The department has 10 employees.
Verification or Simulation of Game
The main function is to verify the game if simulation has been done in a proper way or
not. If we find any faults or errors, then the QA will send that information to the testing
department to fix the errors and resend it back. A special team was allotted to do this fixing work
with typical software.
Research and Development
SanGrafix has 48 employees in Research and development department. The main work
of the employees is to research in the present world, what people prefer in games. They have to
come up with a brand-new thought so that company can benefit. Moreover, they must be back
off new technology and update their work with technology. The ultimate motto is to sustain
when compared to the competitors.
Order Processing, Shipping, and Receiving
SanGrafix has a huge team under this department. there are 36 employees working in the
department, who to take online ensure orders and ship the products to the customers. They also
ensure that the product reaches the customers safely. Once the customer is taken care of, there
will be a strong business relationship. Therefore, this will require huge infrastructures like PC's,
phones and huge database to store the info of customers. This department is one of the main
important branches to that increases sales and income.
Technical Services

PLANNING FOR INFORMATION SECURITY

7

The Tech department in the company serves as a major department, which will be
updated, with present technology. The emerging technology should be implemented with
evolving technology. This department re-modifies the games with new features. So, the BCP
should be updated according to o the changes made in gaming tech. there are 20 employees who
work in the Technical support department.
Security
Protection and security measures must be taken to protect the protocols, database and
other company property. A strong security system should be installed. A 24 hours security
systems and detectors should be done. A full check of employees and other people should be
done while they leave office. This is necessary because no one should carry out the company
property.
Upper Management
The upper management consists of President, Vice-president, and CEO. These
supervisors are in charge of controlling and managing the whole association. They create
objectives, vital plans, organization arrangements, and settle on choices on the bearing of the
business. Furthermore, best level supervisors assume a noteworthy part in the preparation of
outside assets. Best level directors are responsible to the investors and overall population.
Secretarial and Office Management
The work of a secretary changes by industry or business. However, a few undertakings
are basic to many work settings. All in all, secretaries perform essential administrative,
authoritative and office duties regarding an association or division (Kokemuller, N, 2010).
Besides that, the office manager will be taking care of maintenance, installation, analysis etc.
The management people are skilled people with much more training. there are 20 employees
were working in the Secretarial and office management department.

PLANNING FOR INFORMATION SECURITY

8

Customer Relations and Support
Each organization will be dealing with the adored clients. In that manner, we do have
client relations and bolster office and just about 30 representatives work under this division. The
workers will be prepared to know the practices, procedures, advancements that the organization
uses to oversee and do a breakdown client. They will also be told about the item which they
require. The objective is to keep up a decent business association with the client. Entirely,
fulfilling the client objectives proficiently is the fundamental thought process. Along these lines,
a major setup was introduced like calls, a database for data and so forth.
Full OC 3 Internet Network
OC 3 innovation is transmission capacity which is formally called Optical Carrier 3 since it will
be conveying the information on the third level of the synchronous optical system. This
administration is given to the associations, where they require a truly rapid web, highly
dependable and incredible transmission capacity of speed. In this way, this innovation was setup
in the organization so that there would be no issue regarding the web.
Damage Recovery and Necessary Action
Damage Assessment is the deliberate procedure of deciding and evaluating the nature and degree
of misfortune, enduring as well as mischief to a group coming about because of normal or
human-made calamities. Damage appraisal is worried about deciding the who, what, where,
when, and how of a calamity and is a basic piece of the basic leadership handle. Appropriately
evaluating damages can: (Stout. J, 2013).


Provide a knowledge base to help leaders in deciding fitting game-plans and the
assets required for viable reaction and recuperation.



Provide data to help with recognizing risk alleviation undertakings or exercises to
reduce the effects of future debacles.

PLANNING FOR INFORMATION SECURITY


9

Keep general society precisely educated with respect to the greatness of the
occasion and any accessible help. Damage evaluation delivers an expressive
measure of the seriousness and greatness of the calamity. Reaction prerequisites
and capacities, adequacy of beginning reaction operations, and necessities for
supplemental help can be controlled by evaluating damage instantly following a
debacle.



Hardware not functioning properly.

Conclusion
BCP will be received to enhance the productivity and ensure that all the administration
will be following the arrangement. Every exercise, which is actualized in the above paper, is
exceptionally pivotal and critical. Every movement has its own particular criteria and reliant on
each different division.

Chapter Two: Preventative Control Methods
Introduction
“Prevention is better than Cure”. Likewise, the company must work to prevent loss of its
property and the entire workplace for workers. This section discusses the SanGrafix Company
with regard to prevention methods when the company is in danger. Some of the measures include

PLANNING FOR INFORMATION SECURITY
10
electrical breakdown, security system, CCTV Cameras, alarms, smoke detectors, water detectors,
and server check-ups. This paper describes how SanGrafix had implemented the prevention
measures and how it planned to reduce the risks and dangers.
Control Measures for Electrical Breakdown
Electrical breakdown is one area of concern for every company. If there is no supply of
electricity to the organization, the whole system will fail to work. This means the production
process will stop. In order to eradicate this, the company must think about the alternate options.
Alternate Generator
For instance, suppose an electrical breakdown occurs, there should be another alternative
called generator. Productivity should not stop. It is one of the best alternatives to produce the
electricity. Generators have a special property that it automatically switches on when the
electricity is down.
Second Alternative UPS
UPS is an Uninterruptible power supply. It is connected to the computers. Whenever the
electricity goes down suddenly, the computer will not shut down. The UPS provides back up for
the system. This helps the system from losing information from the sudden breakdown of
electricity. The UPS will be charged for a certain time so that later when the power is terminated,
it starts generating for the system. There are different kinds of UPS which support systems, it
depends on the capacity of the whole company.
Control Measures from Fire
SanGrafix has to preventive measures regarding fire accidents and its prevention
methods. There should be highly improved equipment to detect the fire accidents in the
company. The fire controls systems have to detect as soon as possible, so that fire accident can

PLANNING FOR INFORMATION SECURITY
11
be eradicated. The detecting systems must alarm regarding the fire. Fire sensors must be so
active and alarm the people.
Control Measure of Water Leakage
Water leakage is another important factor where we have to take prevention. We have to
setup water sensing systems in the office, data server rooms etc. All these steps are to detect the
problem. The two normal sorts of water spill discovery systems incorporate point location and
direct recognition. Point recognition functions admirably in restricted ranges, for example,
stockpiling and lift shafts. A customizable test is introduced to fit the level of security required
(Baskerville et al., 2014) by arranging waterproof elements in the company, which eliminates the
ratio of occurrence.
Emergency Exits
Emergency exits are the ways where we have to exit when there is an emergency. This
exit opens when the emergency alarm is switched on when there is a fire accident, water
accidents, power failure etc.
Conclusion
On a whole note, the above-mentioned points and control methods were implemented and
SanGraFix will improve in all aspects like fire, water, preventive etc. Implementing the
pre...


Anonymous
I was struggling with this subject, and this helped me a ton!

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Related Tags