Professional Documents
Culture Documents
Module - 4
1
Learning Objectives
2
Chapter 1
Information Systems Management
3
Information Systems Management
• Strategies for an Organization
• Support Decision Making
• Support the Business Process
• Support Operations of an Organization
4
Information Systems Organization
• Based on Decision Making
• Based on Processing Requirement
• Based on Hierarchy Requirement
5
Information Systems Service Management
• Service Strategy
• Service Design
• Service Transition
• Service Operation
• Continual Service Improvement
6
Roles & Responsibilities
• User Data
• Data Owner
• Data Custodian
• System Owner
• System Administrator
• Database Administrator
• Network Administrator
• Process Owner
• User Manager
• Steering Committee
• Security Manager
• CISO
7
Human Resource Management
• Prior to employment
• During employment
• Termination or change of employment
8
Training & Education
• Instructor led Training
• E-Learning
• Simulation based training
• Hands on training
• Coaching or mentoring
• Group Discussions and Activities
• Role Playing
• Management Specific Activities
• Case studies
9
Supply Chain Management (SCM)
• E-Commerce
• Electronic Data Interchange (EDI)
• Data Warehouse
• Enterprise Resource Planning (ERP)
• Internet Technologies
• Mobile Communications
• Payment Gateways
• Fin-Techs
• Software & Applications
10
Customer Relationship Management (CRM)
• E-Commerce
• Data Warehouse
• Enterprise Resource Planning (ERP)
• Internet Technologies
• Payment Gateways
• Software & Applications
• Data Mining
• Artificial Intelligence
• Business Analytics
11
Issues and Challenges of Information Systems
Management
• New Technology
• Personal Devices
• Interoperability
• User Systems
• Cyber Security Threats
• Data Control
• Trained Manpower
• Management Support
• Service Level Agreement
• Fourth Party Risk
12
Summary
Information Systems Management which involves application of
people, technologies, and procedures collectively to solve
business problems.
Organizations can be classified based on decision making,
hierarchy and processes.
IT services should be aligned with business needs and actively
support organization.
There should be clear definition of roles and responsibilities of
employees in an organization for the realization for various
processes.
HRM has a role to play in Information Systems and security
matters.
13
Practice Questions
14
1. Which of the following is a common feature
for all the policies?
A. Encryption
B. Standards
C. Acceptable use policy
D. Process
16
3. Which of the following training an employee can
acquire while working on his/her desk in the office?
A. E-learning
B. Simulator based training
C. Instructor led training
D. Hands on training
17
4. For an unexpected and sudden changes in technology,
organizations need to be
A. Innovative
B. Agile
C. Expert
D. Doer
18
5.Who owns the data in a department?
A. System owner
B. Process owner
C. Data custodian
D. Data owner
21
The correct answer is B
24
10. Which department is MOST LIKELY to store
Personally identifiable information (PII) data ?
A. Management
B. Information System Department
C. Marketing Department
D. Human Resource Department
26
Information Systems Operations
27
Management of IS Operations
• IT Infrastructure - Server operations Interface
• IT Infrastructure – User operations Interface
• Server operations – User Interface
• IT Infrastructure – Server operations – User operations
Interface
28
Asset Management
• IT asset management methodology
• Benefit of IT asset management
29
Change Management
• Request for Change (RFC)
• RFC Analysis
• Change Prioritization
• Categories
• Change Advisory Board
• Change Schedule
• Test Change
• Implementation
• Review
30
Configuration Management
31
Version Control
• Remote team coordination in development
• Improvement in Scalability
• Fast, Efficient and reliable
• Integrity in Version is maintained
• Improved Accountability
• Immutability(locking of version)
• Atomic Transactions
32
Log Management
• Identification of log events to be recorded
• Log collection – collecting events in a log file
• Log Aggregation
• Storage of aggregated logs
• Analysis & Reporting
33
User Management
• Creation of User Profile
• Use Account Types
o Benefits of User Management
• Account Modification
o By the Administrator
o By the User
• Account Termination
• Deleting User Profile
34
Operation Helpdesk & User Assistance
35
Operations Performance Measurement
• Availability
• Incident
• Quality
• Productivity
• Return on Investment
• Value Creation
36
Summary
There are various functions such as, Asset Management, Change
Management, Configuration Management etc. for Information
system operations.
Effectiveness and efficiency of the Information Technology
department is heavily dependent on these functions.
Measurement and continual improvement of these functions is
necessary for value creation for an organization.
37
Practice Questions
38
1.Why should organizations want to manage logs?
A. To be informed when something unusual happens involving a
system or application
B. To be able to do take action in response to a security event
C. To keep a record of all the responses to security events
D. All of the above
39
2. When implementing a log management program,
it's BEST to start with:
A. Technology from a trusted vendor
B. The same program and process that organizations with
similar business are using
C. List of top-three vendors from a published report
D. A careful review of the organization's log management and
reporting needs
40
3. The security principle of least privilege is:
A. The practice of limiting permissions to the minimal level that
will allow users to perform their jobs.
B. The practice of increasing permissions to a level that will allow
users to perform their jobs and those of their supervisor.
C. The practice of limiting permissions to a level that will allow
users to perform their jobs and those of their immediate
colleagues.
D. The practice of increasing permissions to a level that will allow
users to use the cloud services of their choice in order to get
their jobs done more quickly.
41
The correct answer is A
42
4.Why does privilege creep pose a security risk?
A. Users privileges don't match their job or role and
responsibilities.
B. Because with more privileges there are more
responsibilities.
C. Users have more privileges than they need and may use
them to perform actions outside of their job description.
D. Auditors may question about a mismatch between an
individual's responsibilities and their privileges and access
rights
46
8. During development of a software system, which of
the following will be used to maintain software
integrity?
A. Configuration Management
B. Version Control
C. Change Management
D. None of the above
47
9. Who of the following would approve or reject major
changes in configuration?
A. Management
B. Change control board
C. User
D. System Administrator
49
Chapter 3
Software Operations & Management
50
Layers of Software between users and hardware
51
Operating System
• Process Management (Processor Management)
• Memory Management
• File Management
• I/O-System Management
• Secondary storage Management
• Networking
• Protection System
• Command-Interpreter System or GUI
52
Application Software
53
Application Software
54
Software Testing
55
Software Testing Levels
• Unit testing
• Integration/Interface Testing
• System testing
• User Acceptance Testing
56
Software Maintenance
• Preventive Maintenance
• Corrective Maintenance
• Adaptive Maintenance
• Perfective Maintenance
57
Software Maintenance Process
• Scope of Maintenance
• Plan of the Maintenance
• Software Maintenance
• Software Testing
• Go-Live
Challenges of Maintenance
• Job Change
• Structure of the Software
• Understanding of Scope of Work
• Scalability Issue
58
DBMS - Database Management System
• Data
• Database
• Relation Database Management System (RDBMS)
59
Characteristics of RDBMS
• Entity
• Schema – Physical, Conceptual and External
• Tables
• Relation
• Metadata
• Keys – Primary key and Foreign key
• Isolation of data and application
• Normalization
• Transaction
• ACID Properties – Atomicity, Consistency, Isolation,
Durability
• Data Integrity
• Multiuser and Concurrent Access
• DBMS Views
• Security 60
Structure Query Language (SQL)
• DDL
• DCL
• DML
System Architecture
61
Network Services
• Internet Service
• DNS service
• E-mil Service
• Web Service
• Directory Service
• Print Service
• DBMS Service
• Video Conferencing
62
Backup Strategies
Important Backup Considerations
• Backup Policy
• What to Backup
• Backup Frequency
• Backup Storage Location
• Backup retention Period
• Testing
• Training
• Tape Control
Backup Methods
• Full Backup
• Incremental Backup
• Differential backup
• Virtual Full Backup 63
Patch Management
64
Summary
65
Practice Questions
66
1.The main focus of acceptance testing is
A. Ensuring that the system is acceptable to management
B. Accepting errors & bugs in the system
C. Ensuring that the system is acceptable to users
D. Ensuring that the system is acceptable to auditors
67
2. Which of the following test would be carried out
when, individual software modules are combined
together as a group?
A. Integration testing
B. Unit testing
C. System testing
D. White box testing
69
The correct answer is D
70
4. When evaluating the effectiveness and adequacy of a
preventive computer maintenance program, which of
the following would be considered to be MOST helpful
to an IS Auditor?
A. A system downtime log
B.Vendors' reliability figures
C. Regularly scheduled maintenance log
D. A written preventive maintenance schedule
71
The correct answer is A
73
6. Which of the following will ensure that a column in
one table will have a valid value or shall be “null” in
another table’s column?
A. Primary key
B. Secondary key
C. SQL
D. Foreign key
74
7. Database normalization is
A. Data redundancy optimization
B. Data logging and accountability
C. Streamlining data process
D. Deleting temporary files
77
The correct answer is D
78
10. An organization has recently installed a security
patch, which crashed the production server. To
minimize the probability of this occurring again, an IS
auditor should:
A. Apply the patch according to the patch's release notes.
B. Ensure that a good change management process is in place.
C. Thoroughly test the patch before sending it to production.
D. Approve the patch after doing a risk assessment.
80
Incident Handling & Response
• Cyber attack by hackers
• Breach in cyber security
• Attack on National Critical Infrastructure
(IT enabled)
• Virus or Malware induction
• Hacking & Advance Persistent threat
• vi Misconfiguration of System
• Software malfunction
• Human error in IT department
81
Incident Response Process
• Prepare
• Identification
• Containment
• Eradication
• Recovery
• Follow up
• Lessons learnt
• Documentation
82
Benefits of Incident Management
83
Cyber-Security Framework
• The National Cyber-Security Policy 2013
Policy Objectives
To create a secure cyber ecosystem in the country, generate
adequate trust & confidence in IT systems and transactions in
cyberspace and thereby enhance adoption of IT in all sectors of
the economy.
Strategies
To designate a National nodal agency to coordinate all
matters related to cyber security in the country, with
clearly defined roles & responsibilities.
84
Security Operation Centre (SOC)
SOC Characteristics
• Policy, Standards and Guidelines
• Top management support
• Investment
• People
• Process & Procedures
• Technology
• Environment
• Analytics & Reporting
• Physical Controls
• Continuous Improvement
85
Computer Emergency Response Team (CERT)
• CERT-In,
• 70 B Indian Computer Emergency Response Team to serve as
national agency for incident response
86
SIEM Tool and their Utility
87
SIEM Tools Utility
• Discover vulnerabilities
• Uncover threats
• Monitoring
• Compliance
• Security profile
• Internal Intelligence
• Alerts
• Reporting
• Incident Management
• Forensic Investigation
88
Summary
89
Practice Questions
90
1. Basic operation of the SIEM tools, on the logs collected
from the devices is
A. Correlating the log
B. Collecting the log
C. Analyzing the log
D. Live Correlating the log
91
2.Which of the following is not a part of SIEM tools?
A. Sensor
B. Collector
C. Agent
D. Log
92
3.Which one is not the part of SIEM application?
A. Risk assessment
B. Vulnerability Scanning
C. Real time monitoring
D. Normalization
93
4. How does a SIEM tool handle the issue of Completeness
of log?
A. Encryption
B. Hashing
C. Digital Signing
D. Time stamping
95
The correct answer is A
96
6. The main goal of Security Operation Centre (SOC)
is
A. Detect, analyze and report
B. Detect, analyze and respond
C. Collect, analyze and report
D. Collect, analyze and respond
97
7. What is the primary purpose of an incident
management program?
A. Identify and assess incidents
B. Conduct lessons learned sessions
C. Alert key individuals
D. Assign responsibility
98
8. SOC shall be ineffective without the support of –
A. Risk
B. Budget
C. Top management
D. Quality
99
9. Phases of an incident management program
A. Prepare, Respond, and follow up
B. Plan, prepare, and respond
C. Plan, prepare and follow up
D. Prepare, plan and respond
100
10. Within an Incident Response Management program,
the Containment phase aims to
A. Block the event
B. Reduce the impact
C. Remove the event
D. Rise the event
101
? Questions
102
Thank You
103