COIT20263 Assignment Help
Information Security Management Assignment help
The Scenario for Information Security Management Assessment Two -part two Tasks
Intelligent System and Security Solution (ISSS) is a consulting and software development company dedicated in providing technical and security solutions to its client. Their service also includes helping clients to detect, investigate, and respond to cybersecurity threats and incorporating artificial intelligence (AI) to accelerate the process.
ISSS has two offices located in Melbourne (head office) and Sydney. However, ISSS also has clients base in other cities as ISSS provides online consultation services as well. The company is headed by a CEO who manages five teams – a consulting and development team, an IT team, a HR team, a marketing and business development team, and a finance team. The consulting team is divided into four divisions such as networking solution specialists, software solution specialists, security solution specialists and artificial intelligence/machine learning based solution specialists.
ISSS staff work in a distributed environment and regularly communicate via online video/audio conferencing tools. A few of the staff mostly work from home, but occasionally comes to the office to attend meetings and catch up with the team members. The company has provided staff laptops to work remotely. The marketing and business development team and consultation team members frequently visit client offices to negotiate contracts. ISSS clients regularly communicate via the company website. The company uses various software and application tools to support its business activities. Some of these software and tools are licensed, but the rest are free and open source. The company has a large repository of files, documents, and customer information which are stored locally. However, with the recent growth of business, ISSS is also considering different cloud service options for storing data and information.
Due to the recent security breach incidents all over the world, the Chief Information Officer (CIO) and Chief Information security Officer (CISO) of ISSS would like to review, revise and update (if needed) their information security program.
ISSS is also currently considering offering some of their developed software with a cloud computing service, as Software as a Service (SaaS) solution. However, since ISSS does not provide hosting solutions, it is considering using cloud service providers (CSPs) that specialise in providing hosting solutions as Infrastructure as a Service (IaaS). Leveraging an IaaS CSP for hosting would allow ISSS to remain focused on its main expertise. Although cloud service would improve flexibility and bring financial benefits, the security aspect needs to be thoroughly investigated. The chief information officer (CIO) of ISSS wants you to review and assess the risks of offering a SaaS solution and adopting IaaS cloud computing for this arrangement. CIO also wants to review the risks associated with using cloud storage.