Objective: To identify vulnerabilities and risks to an organization’s Information Technology infrastructure and possible security controls to mitigate (reduce) the risks. Steps:
1) PepsiCo an organization of your choice. This can be an existing one or a future business.
2) Identify the organization’s mission and Information Technology-based processes, used to support its mission. 3)From the list of processes, identify one of the organization’s CRITICAL business processes. (Illustrate this process with a diagram to be included in the body of your paper). A critical process is key to an organization’s success and ultimate survival.
Note that section 2.1 in course textbook provide information on business processes. Further examples of business process categories are:
a. Transaction processing systems (TPS),
b. Enterprise Resource Planning (ERP),
c. Functional Area Information Systems.
4) Specifically assess the Information Security weaknesses (vulnerabilities) and risks for the selected critical process.
5) Identify the threats to the critical process.
6) Present information security techniques and strategies to protect the organization against the identified risks, vulnerabilities and threats to this critical process.