February 24th, 2010 | 
Author: 1. What are the company’s major information security
threats?
2. Develop a security awareness training plan for employees
and franchisees.
3. Which Internet-based data backup plans should be
used?
4. Review data retention requirements for various types of
records.impact of security, disaster planning, and data retention:
Meredith (President and Owner) “I never
realized that security and disaster planning involved
everyone in the company. I thought I could leave it all to
Abe, but now I see that everyone needs to be aware of our
plans, which might impact multiple departments.”
Suzanne (VP of Studios) “I now know that we
need to focus on the role of our employees in handling
disasters.”
Leda (VP of Franchises) “Our franchisees are
always calling me for information. I usually never question
the identity of the person at the other end of the line.
Now I am implementing a method for verifying that the
person is an actual franchisee.”
Mitch (VP of Bead Bar on Board) “I use passwords
to protect my notebook computer and PDA. In the
past I always used my birthday and I never changed my
password. Now my password is complicated, using letters,
numbers, and punctuation.”
Julia (Chief Financial Officer) “We are
increasingly relying on information systems to process
financial data. As the CFO, I need to work with Abe to
ensure our data retention requirements are met.”
Miriam (VP of Marketing and Sales) “My
department regularly gives out marketing information to
other managers and studio employees. We need to
develop a system to ensure that only people who should
have access to this information, get this information.”
Rachel (VP of Operations and Purchasing) “I
am in the process of working with Abe to develop a comprehensive
disaster recovery plan. He will handle the
computer systems aspect, but I need to determine what
each of our employees should do in the event of a disaster.
I am also working to ensure that we have multiple
vendors for all our important products. Finally, physical
security is part of my responsibility. So I am reviewing our
physical access controls.”
Jim (Director of Human Resources) “My
main objective is to develop a security and disaster recovery
training plan for our employees. In addition, Rachel
and Abe would like me to work with temporary companies
to fill key positions in the event of a disaster. Abe has
also asked me to implement specific policies as they
relate to security and disaster recovery.”
Abe (Chief Information Officer) “I’m working
on an information security plan that includes technical,
procedural, and educational approaches. This plan
will touch multiple departments. I need to work with Julia
on data retention, Rachel on disaster recovery, and Jim on
FIX PC ERRORS
PC Integrity Scanner
Know What Happens on YOUR PC
Posted in 
Tags: 
OK to answer question No.1 I would say that information leaking is one of the biggest problems in any company. Second, the loose of the data, or in other words, the destruction by natural disaster or intentional from inside of the company or outside. Third, the reputation of the company between customers, shareholders and the public (Also the media).
To question No 2. I would say that as Security Administrator you have to implement a policy in which you make the rules for the use of Intra net, Internet and all point access that you have for employees, vendors, and customers, etc.
And also audit your policy that way you are in compliance (Sarbanes-Oxley Act).
For answer question 3. It sounds that your company is from medium to big, I would implement a hot backup disaster recovery plan, for sure. That way you don’t have to wait to long for get all you data.
Good Luck