Mrs. Bortello presents to the primary care office requesting assistance in the home. She is 86 years old and has a medical history of diabetes and congestive heart failure. She states she has noticed a recent increase in weakness when she is ambulating within the home and she is fearful about falling and suffering a hip fracture.

/in /by

Case Study: Concepts of Aging

Suzanne Jackson is a registered nurse working in the office of an internal medicine physician. In this setting, Ms. Jackson has encountered a significant number of patients who identify with the older adult population. Many of them have significant comorbid conditions. Mrs. Bortello presents to the primary care office requesting assistance in the home. She is 86 years old and has a medical history of diabetes and congestive heart failure. She states she has noticed a recent increase in weakness when she is ambulating within the home and she is fearful about falling and suffering a hip fracture. Further discussion between Ms. Jackson and Mrs. Bortello indicates that the patient is interested in assistance with shopping and activities of daily living (ADLs)

Question 1

Which of the following settings of care would be most appropriate for Mrs. Bortello’s housing needs?

A.       Acute care

B.       Long-term care

C.       Independent living

D.       Subacute care

Question 2

Housing for the older adult is primarily based on which of the following factors?

A.       Promotes functional independence

B.       Promotes functional dependence

C.       Provides access to primary care

D.       Provides access to transportation

Question 3

Older adults tend to move less frequently and prefer to grow older where they reside. This is known as:

A.       Ageism

B.       Aging in place

C.       Countermigration

D.       Immigration

Question 4

Which assessment tool is used to determine the capacity of the older adult to carry out basic self-care activities?

A.       Geriatric assessment

B.       Depression screening tool

C.       Nutritional assessment

D.       Functional ability

A critical précis should very briefly summarize the content and argument, placing the reading within its disciplinary/theoretical field. What question(s) is the author trying to answer? What issue in the field is s/he responding to? How successful is the piece, and what contributions does it make? How does it engage with other readings/themes/questions in this course?

/in /by

A critical précis should very briefly summarize the content and argument, placing the reading within its disciplinary/theoretical field. What question(s) is the author trying to answer? What issue in the field is s/he responding to? How successful is the piece, and what contributions does it make? How does it engage with other readings/themes/questions in this course?

What do you feel is the role of a leader within a team? Include examples of leadership you have experienced when working on teams.

/in /by

In this final week, we will shift to discuss how leaders can help facilitate effective teamwork. You will leverage what you have learned about communication, leadership, conflict resolution, and team dynamics to help the teams you work on make the best decisions they can.

For this week’s discussion, consider the learning activities you’ve completed and your own experience within a team.

Respond to the following in a minimum of 175 words:

  • What do you feel is the role of a leader within a team? Include examples of leadership you have experienced when working on teams.
  • You might have experience making decisions and solving problems on your own, but these tasks are quite different when working in a team. What would you need to consider when leading a team in making decisions and solving problems?
  • How can you apply what you learned in this class when faced with a problem or conflict in a team setting?

What Are The Key Differences Among PMI-ACP, PRINCE2 Agile And Scrum Master Certifications?

/in /by

If you’re among the Project Management field, or if you’ve constantly wanted to immerse yourself throughout this thriving discipline, you’ve possibly questioned concerning what steps you’d prefer to need to urge certified to advance your career. The Project Management virtuoso (PMP) and PRINCE2 certification unit of measurement is very supposed among the sphere and will validate for employers your understanding of key project management concepts and, therefore, the thanks to using them throughout the project management lifecycle.

So that begs the question: that certification is correct for you? It’s not a simple decision, to be sure, however, worry not – we’ve done plentiful of the toil for you! this text offers a top-level view of PRINCE2 Vs. PMP certifications, necessary edges, and job prospects for everybody. Browse on to make the proper choice!

What is the Key distinction Between PRINCE2 Vs. PMP?

Fundamentally, the PRINCE2 and PMP Certification involve two all completely different project management frameworks. Everyone provides a body of knowledge, and a tested approach to managing comes effectively. Selecting one over the alternative may be a decision that involves several factors. The most effective choice have to be compelled to be supported by the trade or company you are going to build a career in, and conjointly the design of the project you’re reaching to lead or direct. Every certification program unit of measurement of equal value, albeit in many aspects of project management.

The Project Management virtuoso (PMP) Certification

One of the foremost very regarded certifications among the planet for project managers, the PMP or Project Management virtuoso Certification, maybe a qualification program that is offered by the Project Management Institute (PMI). Varied industries use PMP as a customary demand for project managers. Turning into a PMP empowers you to work with any methodology and in any trade. The certification course covers an oversized spectrum of project management techniques and competencies that unit of measurement necessary for any project manager and will facilitate increase your earning potential. This course, administered by PMI among the USA, has together gained quality in Europe and Asia.

The PMP Qualification

It is indicative of your proficiency in practice the PMBOK Guide, the Project Management Book of knowledge.

Verifies your info concerning “generally-accepted” best practices and principles of project management.

The comes in Controlled Environments (PRINCE2) Certification.

The PRINCE2, or ‘Projects IN Controlled Environments’ certification, maybe a process-based project management technique that provides a scientific approach to delivering a prosperous project with clear templates, processes, and steps. The certification is methodology and project-focused. PRINCE2 is run among the dominion by the APMG.

The PRINCE2 Qualification

It is a broad, high-level, general framework of project management principles that suggest it’s urged for and will be implemented with relation to any project.

Has a well-laid out and standardized approach to project management.

Spells out the roles and responsibilities of each member of the team tasked with managing the project.

Divides the master project started into project plans, stage plans, and team plans, which eliminates ambiguity and makes it easier to execute the project.

It is every project and methodology targeted.

Industry Demand

If you’d prefer to urge one in every one of these certifications, it’s a necessity that you simply do your analysis before you begin to steer down one path vs. the other. Each certification is in higher demand in specific geographies, so you’d prefer to see that of the two certifications, which will boost your employability. Also, one or two of trade sectors like PRINCE2 certification, whereas others just like the PMP certification.

The PMP certification is most well-liked among the USA, Canada, geographical region, and Australia. PRINCE2, however, is recognized among the dominion, Europe, and Australia.

Region-Wise Preferences of the Project Management Certification

PRINCE2 Vs. PMP: pay Prospects

Several studies and surveys show that certified professionals in project management earn way more than their non-certified peers. Having a project management certification, significantly ones like PRINCE2 and PMP, signifies that a person is responsive to and understands the universal language of project management.

The PMI Project Management pay Survey – Tenth Edition states that the salaries of project managers around the world still climb.

In the U.S. alone, the everyday annual pay of a licensed PMP is $112,000 p.a. They earn a median of two-hundredths quite their non-certified peers. The most effective average get PMPs is within the European nations at $130,966.

Create a 6- to 8-slide Microsoft® PowerPoint® presentation in which you: Explain the importance of leadership to a team. Explain leadership practices you incorporated into your leadership style.

/in /by

Assignment Content

  1. Based on your stellar project management skills, the team was able to reach its goal on time (and within budget). The team’s performance was such a success, you have been asked to give a presentation to other managers on your approach to leading a team.

    Create a 6- to 8-slide Microsoft® PowerPoint® presentation in which you:

    • Explain the importance of leadership to a team.
    • Explain leadership practices you incorporated into your leadership style.
    • Provide examples of how you incorporated those leadership practices within your team.
    • Discuss leadership strategies the other managers can use to motivate their own teams.
    • Summarize the challenges you encountered through the team’s process and what decisions you would have made differently.
    • Team formation
    • Conflict Resolution
    • Resource Planning and allocation
    • Leadership
    • Review the Microsoft® PowerPoint® resources to enhance your presentation. Remember to add speaker notes to support your main points for each slide, with a minimum of 50-to-150 words per slide:
    • View PC – PowerPoint 2013 – View Speaker Notes or PC – PowerPoint – View Speaker Notes for a brief visual demonstration on adding speaker notes to your presentation.
    • You may conduct a search for PowerPoint tutorials in the Media Library for additional assistance using Microsoft® PowerPoint®.
    • You may add pictures and graphics to enhance your presentation, and you are welcome to change the design layout of the presentation.

For this assignment, you will be creating your own summative assessment based on the standard you selected and objectives you created.

/in /by

Creation of Summative Assessment

[WLOs: 1, 3] [CLOs: 1, 2, 4]

Once a unit of instruction has been taught, an educator may use a summative assessment to determine if learners have mastered the standards and learning objectives. Remember, the formative assessments determine how learning is occurring during instruction so that educators can make any necessary changes to support learning, whereas the summative assessment determines actual achievement of the standards and objectives reflected in a grade. For this assignment, you will be creating your own summative assessment based on the standard you selected and objectives you created.

Prepare

Prior to beginning work on this assignment,

Reflect

Begin thinking about the different ways that teachers assessed your knowledge. What were typical assessments that you experienced? Did they use multiple-choice tests, essays, projects, or presentations?

Content Instructions

Part 1

Complete the following using the Week 3 Test Blueprint template:

  • Create a test blueprint comprised of 10 test items that include the following criteria:
    • Six test items must be selected-responses (Must have at least one multiple-choice, one matching, and one true or false question. You can pick any other type of selected-response questions for your other 3 questions.)
      • Use the checklists found in Tables 8.6, 8.7, and 8.8 of your text (Chapter 8) to make sure your selected-responses meet the guidelines.
    • Three test items must be short-answer constructed responses (see Chapter 8.8)
    • One test item must be a performance-based assessment (see Chapter 7)
      • Examples: Presentation, Performances, Projects, Debates, Reports
  • Create your test items reflected in your testing blueprint. Be sure to label each question with the aligned objective and level of Bloom’s Taxonomy. Questions must address at least three different levels of Bloom’s Taxonomy which are reflected in your learning objectives.
  • Create an analytic rubric to assess the performance based assessment developed in the test blueprint. (see Chapter 7.6 and Creating and Using Rubrics (Links to an external site.)). It must include the following:
    • At least four levels of performance for rating scale (example: Novice, Apprentice, Practitioner, Expert or Exemplary, Proficient, Developing, Inadequate)
    • At least four different criteria that are aligned to the learning objectives and assignment (For example, your performance-based assessment might require criteria such as critical thinking, using research to support analysis, and grammar and mechanics)
    • Clear performance level descriptions for each criterion based on the rating scale.

Part 2

After you have completed your test blueprint and test questions, on a new page using the heading Reflection (center it), discuss the following questions:

  • Describe the advantages and limitations of using selected-response and constructed-response assessments.
    • Use evidence from your readings to support your analysis.
  • Discuss the main requirements of a good performance-based assessment and relate those requirements to the one you created. (see Chapter 7.4).
    • What are the benefits and challenges with using performance-based assessments? Consider the challenge of using rubrics to assess student work. Use evidence from your readings and at least one outside scholarly source.
  • Conclude with sharing your experience in creating this summative assessment.
    • What did you find most challenging? What was helpful for you in creating this summative assessment? Be sure to elaborate on your thoughts.

Writing and Formatting Expectations

Your Creation of Summative Assessment assignment

  • Must be eight to 10 double-spaced pages including the test blueprint, test questions, and reflection (does not include the title or reference page).
  • Must include a separate title page with the following:
    • Title of paper
    • Student’s name
    • Course name and number
    • Instructor’s name
    • Date submitted

For further assistance with the formatting and the title page, refer to APA Formatting for Word 2013 (Links to an external site.).

Executive Summary: Use the Executive Summary from the Unit VII Project assignment to prepare and present the key elements associated with your research and recommendations in the marketing plan.

/in /by

Board of Directors Presentation

You have done a tremendous amount of planning, research, and strategizing with your marketing plan in your role as the marketing manager. It is now time to present it to the company’s board of directors. You are to create a presentation in which you synthesize your research and recommendations from your previous assignments.

As you know, the ability to create and deliver strong presentations is a critical skill for all managers, leaders, and employees. You can improve this skill through practice. In this unit’s assignment, you will have the opportunity to hone your presentation skills.

In this assignment, create a PowerPoint presentation for the board of directors, and include speaker notes to elaborate on the information on each slide. Your presentation should contain at least 12 slides, not counting the title and reference slides.

You need to ensure that you address the items listed below.

  • Executive Summary: Use the Executive Summary from the Unit VII Project assignment to prepare and present the key elements associated with your research and recommendations in the marketing plan.
  • Remember to use bulleted text, and include a minimum of two graphics. Ensure you reference the sources for your images.
  • Include speaker notes for each slide of your presentation, to indicate what you want to convey in your presentation to the board of directors.
  • Your presentation should have a professional style and appearance.

suggest how we might limit access to specific types of data and protect vulnerable data from outside threats. Since we will be presenting to non-technical managers, you will need to explain the difference between authentication, authorization, and access control in plain language.

/in /by

Project 2: Authentication, Authorization, and Access Control
Start Here

Authentication, Authorization and Access Control

[Music]

On your computer monitor, you read the meeting topic: “HR Data Access.” You think, “This might be a tricky one.”

You remember a discussion with John, the CTO, about conflict caused by the sharing of information between two departments. Grabbing your laptop, you head to the meeting.

In the conference room, John is already waiting. He says, “We will be joined by the VP of HR and the managers of the Payroll and Training departments. Our focus will be on access to data that is housed in the HR database.”

The door opens and the other three attendees walk in.

Amy Jones, the vice president of HR, begins: “The database that we use contains all employee data, ranging from payroll and benefits information to training and performance results. The issue that we are facing, and that I hope you can help us alleviate, is that all departments within Human Resources have full access to all of the data within the database.

“Recently, it was brought to my attention that the training department has access to payroll data.”

The two managers glance at one another.

John says, “I believe we can come up with a solution. As a matter of fact, this could be an opportunity to also evaluate the risk level that the HR database has from outside threats.”

John turns to you: “I would like you to prepare a presentation for HR management.

“In this presentation, you will suggest how we might limit access to specific types of data and protect vulnerable data from outside threats. Since we will be presenting to non-technical managers, you will need to explain the difference between authentication, authorization, and access control in plain language. The presentation will be scheduled in three weeks.”

After the meeting, you realize that while you might understand the problems of data access, other employees may not be aware of the issues involving information access in an organization. Your presentation will have to be understood by employees who do not have an information technology background.

Organizations have two concerns surrounding access to data: They must limit access to data from outside the organization as well as control which people have access to what data within the organization. In this project, you will explain to management the difference between authentication, authorization, and access control, and suggest how to keep outsiders from getting in and keep insiders from getting data they shouldn’t.

This is the second of four sequential projects. During this project, you will research the models for authentication, authorization, and access control. You will also communicate the recommended solution to a nontechnical audience.

There are 13 steps in this project. Begin by reviewing the project scenario and then proceed to Step 1.

Competencies

Your work will be evaluated using the competencies listed below.

  • 5.3: Support policy decisions with the application      of specific cybersecurity technologies and standards.
  • 6.2: Create an information security program and      strategy, and maintain alignment of the two.
  • 6.3: Integrate the human aspect of cybersecurity      into an organization’s cybersecurity policy.
  • 9.3: Risk Assessment: Assess policies, processes,      and technologies that are used to create a balanced approach to      identifying and assessing risks and to manage mitigation strategies that      achieve the security needed.

Step 1: Explore the Basics of Authentication

In order to build a presentation with the most current information available, you will gather information by reaching out to a group of your peers working in various industries. In the next three steps, you will prepare background information for this discussion.

  • You’ll      need to have a basic understanding of authentication. Define      authentication and identify the core principles and key tenets of authentication as listed below. Review the      following topics: computer networksnetwork devices and cables, and network protocols.
  • Identify      the ways in which someone can be authenticated (e.g., userIDs, passwords).
  • Describe      how authentication has evolved over time and identify stressors that have      resulted in changes to authentication.
  • Identify      the different types of authentication (e.g., layered or two-factor),      compare and contrast their attributes, and give examples of each.
  • Compare      and contrast single-factor and multifactor authentication.

In the next step, you will continue with your exploration of data access models with a look at authorization.

Step 2: Explore the Basics of Authorization

Another topic you’ll need to be prepared to discuss is authorization. Define authorization and differentiate it from authentication (similarities and differences). You will use the notes compiled in this step in your upcoming peer discussion. Complete each of the items listed below.

  • Define authorization      and identify examples of authorization schemes.
  • Determine      how access policies are used to express authorization rule sets. Identify      key principles of access policies.
  • Identify      the challenges that can arise when policies are used to maintain authorization      rules. Identify solutions to mitigate these challenges.

In the next step, you’ll complete your exploration of data access models with a look at access control.

Step 3: Explore the Basics of Access Control

One last topic to prepare for the upcoming discussion is access control: Define access control and then differentiate between access control, authentication, and authorization. You will use the notes compiled in this step in your upcoming peer discussion. You should describe the different access control models and how they are used, including, but not limited to, the list below.

Again, review the following topics if needed: systems, utilities, and application softwareinteraction of software, and creating a program.

  • RBAC: role-based      access control
  • MAC: mandatory      access control
  • ABAC:      attribute-based access control
  • IBAC: identity-based      access control

After completing this step, you are ready for the next step, in which you will compile a report on the psychological aspects of cybersecurity.

Step 4: Write a Social Psychology Report

In the previous steps, you explored the basics of authentication, authorization, and access control and common models of implementing them. Your next task in preparing for the discussion with your peers is to consider the impact that human factors, such as ethics, legal issues, and psychology have on cybersecurity.

To synthesize your research on these factors, you will write a report on the psychological aspects of cybersecurity. This report will be used to formulate recommendations later in the project and be included as an appendix to the final presentation in the last step of this project.

In this report, do the following:

  • Explore      the typical intrusion motives/hacker psychology. Classify the types      of hackers and threat actors and give an example of a      potential incident.
  • Define a      cybersecurity policy as it relates to employees and employment. For      example, how would an organization apply a security policy to employees      and employment in relation to network-related programming or other      cyber-related positions?
  • Define      the separation of duties policy and give an example.
  • Define redundancy and diversity and explain how they relate      to cybersecurity access control. Give an example of a policy integrating      the concepts of redundancy and diversity to reduce risk.
  • Summarize      how the implementation of the access control mechanisms mentioned in this      section may have a positive or negative consequence on employee      productivity.
  • Suggested      length is four to six pages.

Submit the report for feedback.

Step 5: Compose a Privacy Awareness Report

Following the report on the impact of social psychology on cybersecurity, you will compose a report on privacy awareness and the implications on cybersecurity policy to further prepare for the discussion with your peers. This report will be used to formulate recommendations later in the project and be included as an appendix to the final presentation in the last step of this project.

In this report, complete the following:

  • Define ECPA (Electronic Communications Privacy Act)      and explain how it affects cybersecurity today. Give an example of how it      might come into play at your organization. Suggest how policy at your      organization could support ECPA compliance.
  • Define FISA (Foreign Intelligence Surveillance Act)      and explain how it affects cybersecurity today. Give an example of how it      might come into play at your organization. Suggest how policy at your      organization could support FISA compliance.
  • Identify any other privacy law that may affect your      assigned organization. Give a brief summary of what the law does, how it      affects your organization, and how policy could support compliance.

Submit the report for feedback.

Submission for Privacy Awareness Report

Step 6: Compile an Anonymity Report

To go along with the reports on the impact of social psychology on cybersecurity and the impact of privacy awareness on cybersecurity policy, you will now report on the implication anonymity has on cybersecurity by giving a brief one-paragraph summary on each of the items within the bulleted list below.

Submit this report for feedback.

Submission for Anonymity Report

Step 7: Create a Concept Map

You have explored and reported on the human aspects of cybersecurity. Chief information security officers frequently make security decisions in high-pressure environments and deal with individuals whose actions may violate certain standards of behavior and ethics. In this step, you will review several scholarly sources that discuss issues and concerns that a CIO and CIO staff may be faced with in the normal course of duties.

After you have reviewed these materials, create a concept map of important issues, concerns, and best practices or model solutions to common problems. Your goal in creating this map is to develop a visual aid which can help decision makers identify important aspects of a cybersecurity issue revolving around human behavior as they seek to resolve the issues in a manner that is in keeping with an organization’s ethical standards and practices.

Review the following scholarly sources:

1. Dunn Cavelty, M. (2014). Breaking the cyber-security dilemma: Aligning security needs and removing vulnerabilities. Science & Engineering Ethics, 20(3), 701–715. http://ezproxy.umgc.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=asn&AN=97178206&site=eds-live&scope=site

2. Evans, M., Maglaras, L. A., He, Y., &Janicke, H. (2016). Human behaviour as an aspect of cyber security assurance. https://arxiv.org/ftp/arxiv/papers/1601/1601.03921.pdf

3. Draper, C. & Raymond, A. H. (2020). Building a risk model for data incidents: A guide to assist business in making ethical data decisions. Business Horizons (2020) 63, 9-16. https://doi-org.ezproxy.umgc.edu/10.1016/j.bushor.2019.04.005

Build Your Concept Map

You can use MS Word or PowerPoint to create your map using boxes, ovals, and connecting lines. Below are simple concept maps made using MS Word’s Smart Art. Your concept map should have between 15 to 20 concepts total.

Example One:

A sample concept map. An orange node at the top reads “Human Aspects of Cybersecurity.” It branches down into three yellow nodes that read “People, Processes, Policies,” “Behaviors,” “Motivations,” and “Ethical Dilemmas.”

Example Two:

Note: if you are not familiar with how to build a concept map and would like more information, see the following https://www.lucidchart.com/blog/how-to-make-a-concept-map

Step 8: Assess Authentication, Authorization, and Access Control

Now that you have explored authentication, authorization, and access control, you will direct attention to the specific issues of your assigned organization.

Identify particular issues that the organization has had, currently has, or could potentially have in terms of authentication, authorization, and access control. Next, assess the potential effectiveness of the access control models from Step 3 for the organization and scenario.

Document your assessment, as you will refer to this information throughout this project.

Career Connections

In many twenty-first century professions, expertise in your own field is not always enough. Sure, you are well on your way to becoming an expert in cybersecurity management. But the cybersecurity field exists so that professionals in other field can be confident that their computing platforms are safe. Knowledge of the types of information, processes, teams, and real-life activities that other professionals engage in is what will enable you to make the best decisions about how to ensure CIA on widely disparate platforms in different environments.

In the next step, you will look across your industry to determine best security practices.

Step 9: Research Industry Best Practices

In the first three steps, you gathered information regarding authentication, authorization, and access control and had an opportunity to apply these concepts through training. You have thought about how to apply this knowledge to your organization, and you wrote reports on how psychology, anonymity, and privacy awareness affect cybersecurity. You are finally ready to meet with your peers in the industry to get a sense of current practices.

The peer discussion can take various shapes. Research online articles and/or interview colleagues, friends, and acquaintances in different fields to gather the most current information of what various industries are doing to face their cybersecurity needs. The information and ideas that you obtain here will help you to formulate a recommendation and develop a job aid for the human resources (HR) managers that John requested. You will need to at least cover the items in the list below.

  • Give      examples of authentication, authorization, and access control that you      have seen in your experience, in your assigned organization, and/or in      research and interviews.
  • Discuss      what worked well and what could be improved.
  • Discuss      the role of policy in defining and implementing authorization schemes as      applied to your experience.
  • Apply key      points and principles in the NIST cybersecurity framework for virtual machine cybersecurity.
  • Analyze      the technologies, uses, and roles of information assurance and software      protection technologies.
  • Prioritize      current cybertechnological threats faced at the enterprise, national, and      international levels.
  • Evaluate      the procedures, policies, and guidelines used to protect the confidentiality, integrity, and availability of      information (CIA triad).

Use the information gathered here to assist in formulating your recommendations in the next step.

Step 10: Formulate Recommendations

From the information that you have gathered throughout this project, formulate a recommendation for authentication, authorization, and access control. If you determine that your organization needs no changes in these areas, explain your position and what leadership (and you, as CISO) will continue to monitor to ensure that security standards are commensurate with expectations.

Make sure to consider the needs of restricting data from department to department as appropriate, protecting the organization’s HR data from outside and inside threats in general and allowing for employees to access the data they need while offsite. Also consider the human aspects of cybersecurity from the previous steps. Include a recommendation for an ongoing risk management strategy. You will include your recommendations in your Implementation Guidance Presentation in the last step.

The recommendation must meet the following criteria:

  • coincide      with IT vision, mission, and goals
  • align with      business strategy
  • incorporate      all internal and external business functions
  • create the      organizational structure to operate the recommendation and align with the      entities as a whole

In the next step, you will take your recommendations and use them to create a job aid for HR managers regarding authentication, authorization, and access control so they can spread the information to the various departments.

Step 11: Develop a Job Aid

Now that you have formulated your recommendation for authentication, authorization, and access control, you will develop a job aid that the HR managers can take to their departments after the presentation.

This job aid will empower the HR managers to educate their staff on the topics of authentication, authorization, and access control in a simple and effective way to improve the security of their systems. The job aid will be distributed after the presentation.

Develop a short (two- to three-page) job aid that explains the differences between authentication, authorization, and access control using common-sense examples to help the reader understand the differences and the importance of each in protecting the organization’s information. The job aid should address all the items listed below.

  • Define—in layman’s terms—authorization,      authentication, and access control, and the relationships between them.
  • Identify and articulate examples that are easy to      comprehend and that would resonate with the company’s leadership.
  • Describe the importance of authorization,      authentication, and access control to the overall security of the      organization. Use details of the company’s products/services and the need      to protect them to emphasize the need for strong controls.

Submit the job aid for feedback.

Submission for Authentication, Authorization & Access Control Job Aid

Project 2: Authentication, Authorization, and Access Control
Step 12: Develop the Implementation Guidance Presentation

In response to the request from the CTO and VP of HR, you will develop a presentation for HR management which discusses how to limit access to specific types of data and protect vulnerable data from outside threats. You will explain the lineage of data, data ownership, and data-access related authentication, authorization, and access control. You will also take this opportunity to educate on the basic principles of data/network access control and to advocate for stronger access controls.

You will develop an 18- to 20-slide presentation that clearly explains the principles of authentication, authorization, and access control, examines various models, and recommends a strategy for the organization. You will use the information that you have gathered in the initial steps of this project. Make sure to include the following:

  • Describe      authentication, authorization, and access control as an important security      concept.
  • Evaluate      the different models and examples of authentication, authorization, and      access control.
  • Make the      case for changes to the organization’s authentication, authorization, and      access control policies/systems.
  • Present      the recommended strategy.
  • Discuss      how you will evaluate the effectiveness of the security program.

Submit the presentation in the last step.

Step 13: Check Your Evaluation Criteria

Your presentation should include the following as appendices:

  • Social Psychology Report (Step 4)
  • Privacy Awareness Report (Step 5)
  • Anonymity Report (Step 6)
  • Job Aid (Step 11)

Check Your Evaluation Criteria

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.

  • 5.3: Support policy decisions with the application      of specific cybersecurity technologies and standards.
  • 6.2: Create an information security program and      strategy, and maintain alignment of the two.
  • 6.3: Integrate the human aspect of cybersecurity      into an organization’s cybersecurity policy.
  • 9.3: Risk Assessment: Assess policies, processes,      and technologies that are used to create a balanced approach to      identifying and assessing risks and to manage mitigation strategies that      achieve the security needed.

Submission for Implementation Guidance Presentation

What Are The Two Answers (One Simple And The Other Profound) To The Question, “Why Is Our Perception Of Colors And Details Worse In Dim Illumination Than Than In Bright Illumination?”

/in /by

What Are The Two Answers (One Simple And The Other Profound) To The Question, “Why Is Our Perception Of Colors And Details Worse In Dim Illumination Than Than In Bright Illumination?”

Emily comes to us with 25 years of experience in the service repair industry. Emily began her career as a service technician and quickly moved through the ranks to the first female service manager in ABC Appliance Service Company’s history.

/in /by

includes the following:

  • Business Case Investigation
  • Identify 4 employees to interview to support business analysis. For each employee, state the topic(s) used for questioning. The interview topics and responses will be used to influence future design.
  • A possible use case diagram for making an appointment and verifying parts availability
  • Identify the users of the system and requests into and out of the system.
  • Implementation resources needed for the project
  • Identify people and hardware. Human resources may include internal or external resources.

I am delighted to announce that Emily Johns will be starting at Appliance Warehouse today! Emily will be undertaking the role of Service Manager and will be the force behind creating our new service department.

Emily comes to us with 25 years of experience in the service repair industry. Emily began her career as a service technician and quickly moved through the ranks to the first female service manager in ABC Appliance Service Company’s history. After 17 years, she went to work for Acme Appliance Repair. Over the last 8 years, the revenue for Acme increased by 200% after being stagnant for the preceding 5 years

Our new service manager starts work today! This is great news! As our business starts to expand, we must move our software project along.

need to talk to some of our employees to better understand the functionality and requirements for the proposed system. This is important because they are the key stakeholders of the system.  list of employees who will want to interview.  learn the process for scheduling an appliance repair appointment and how the parts are obtained for those repair visits. Also, it is important to understand what reports that managers are hoping to extract from the new system. I find it is helpful to write down questions prior to your meetings as to not forget the topics that you want to cover.

My suggestion is at least 10 questions per person prior to the meeting. Make sure to use open-ended questions (at least 7 questions) to get the employees talking. Also use closed response and range of response questions. I find that each type of question can provide valuable information and are quite useful in requirements gathering.

Please send the questions to me for at least two of the interviews.

We have previously used both the Joint Application Development technique and the Rapid Application Development technique. However, many colleagues of mine swear by the agile technique. Each of these methodologies offer up some great advantages. Since we need to get this project done as quickly as possible, which of these techniques should be used? I want to ensure that we’ve created software that will handle all of our users’ requirements and that it is a robust system

I almost forgot to mention to also send a questionnaire out to the users of the proposed system.Should it be sent out to all employees or as a stratified or systematic sample?

18 hours ago

department in order to get the service estimates out to the customer and get the parts for the repair quickly. Meredith Parks (programmer): I think it would be a good idea to name our new service system. Any ideas? Alan Marks (store mgr): Service Information System? SIS? Emily Johns (service manager): Service Information Manager? SIM? Meredith Parks (programmer): OK, let’s vote. Meredith conducts a quick vote and all are agreed on SIM. Maddox Farley (parts director): I’m a little worried about how this SIM will affect my inventory levels. Meredith Parks (programmer): I need you to break this down a bit for me. Who is involved in this new process? Emily Johns (service manager): We definitely have the customers, parts department, parts, technicians, appointment setters, and calendar. Meredith Parks (programmer): OK, now we have our entities. What are the processes that will take place? Alan Marks (store mgr): Well, we will need to generate estimates and final invoices. Emily Johns (service manager): Right. And we’ll make appointments, order parts, assign technicians to appointments. Meredith Parks (programmer): Anything else? Emily Johns (service manager): A calendar should be able to be viewed or printed for each technician. Each technician needs their daily schedule of appointments at the beginning of each day. Alan Marks (store mgr): I don’t think so. Payment will be accepted by the current cashier’s system. Meredith Parks (programmer): OK.

18 hours ago

Questionnaire results Results are ordered by importance. The top result (#1) is the most important to that group. Most common features requested by appointment setters: Reminder services calls/messages See technician’s availability Determination of discounts for customers See availability of parts to schedule repair View service history Most common features requested by technicians: Able to view own calendar See availability of parts to schedule repair Keep notes for each customer Mobile access of scheduling View service history Reminder services calls/messages Most common features requested by parts department: Can pull inventory requests every two hours. Database of requested parts. Most common features requested by management: Reporting by time period, type of appliance, brand Determination of discounts for customers Mobile access of scheduling Routing and mapping of technician’s driving to appointments See technician’s availability Suggest preventative maintenance to customers

The Appliance Warehouse is a facility that collects products and goods for the distribution to customers or other industries that may be able to use the products that are provided. The warehouse manager will be responsible for ensuring that all warehouse operations are done both effectively and efficiently by all staff involved with the said warehouse.

The case study concluded that millions of dollars are invested yearly purchase of materials and equipment needed for maintenance and development. The subsequent materials and equipment are then dispersed to three central warehouses and then shipped out to other warehouses and location sites as required. The management of the warehouse will be extremely important for this company as the warehouse will ensure maximum productivity with minimum investment through material handling and purchasing costs. An effectively managed warehouse will also be able to monitor the services and controls and even the flow of products. Being able to see what products the most demand and what products have can be scaled back a bit due to low demand.

One reason for the functional accuracy issues is that of poor skills training. The training requirements for store-related personal must be looked at in depth. All personnel that have any association with the warehouse both internal and external must undergo proper warehouse training. Training completion documents should be kept not only at the human resources office at the corporate office but also on hand at each of the individual stores. Some employees are not as proficient with the computer as they should be and must be trained adequately.

Warehouse management is an integral part in most modern-day businesses. Warehouses of organizations if run and managed efficiently and effectively can serve as safe storage of goods, clear and transparent tracking and accountability at the organizational level. The effectively managed warehouse can also ensure the allocation of the right goods at the right time whenever needed to all client departments, maximum productivity with the least amount of expenditures through proper warehouse ordering. It will provide services and controls to the flow of goods entering and being dispersed by the company.

Explanation:

Organizational Chart

SWOT Analysis

Mission

⦁ Organizations are committed to selling the most credible brands to the most competing products, avoiding the need for customer comparison shopping.

⦁ By maintaining a considerate and low stress purchasing environment, their goal is to be the leading store for all home appliances needs.

Problem Statement

⦁ Providing Constant service

⦁ Employee and Customer satisfaction

⦁ Creation of a low-stress environment helps clients select the right products

Opportunities

⦁ Rapid adjustment to the changes

⦁ Low startup costs

⦁ Customization and catering to individual needs is possible

⦁ Increase in responsiveness

⦁ Improvement in reliability

⦁ Improvement in productivity through balancing Benefits

⦁ Bundling of product flows

PRELIMINARY INVESTIGATION REPORT

Subject:

Date:

INTRODUCTION

[Provide a brief description of the system, the name of the person or group who performed the investigation, and the name of the person or group who initiated the investigation.]

SYSTEMS REQUEST SUMMARY

[Explain the basis of the systems request, including an explanation of major problems or opportunities mentioned in the request.]

PRELIMINARY INVESTIGATION FINDINGS

[Describe the results of the investigation, including the scope of the proposed project and the conclusions that were reached. Mention all significant findings, including the results of interviews and other fact-finding, and provide an estimate of current costs.]

RECOMMENDATIONS

[Present a specific recommendation for further action.]

TIME AND COST ESTIMATES

[Include an estimate of time and expenses necessary for additional IT department work. This should be quite specific for the next phase and should include a timetable and cost estimate for the entire project.]

EXPECTED BENEFITS

[Explain all tangible benefits, with specific dollar estimates, using a range if appropriate. Also mention any intangible benefits.]

Questionnaire results

Results are ordered by importance. The top result (#1) is the most important to that group.

Most common features requested by appointment setters:

Reminder services calls/messages

See technician’s availability

Determination of discounts for customers

See availability of parts to schedule repair

View service history

Most common features requested by technicians:

Able to view own calendar

See availability of parts to schedule repair

Keep notes for each customer

Mobile access of scheduling

View service history

Reminder services calls/messages

Most common features requested by parts department:

Can pull inventory requests every two hours.

Database of requested parts.

Most common features requested by management:

Reporting by time period, type of appliance, brand

Determination of discounts for customers

Mobile access of scheduling

Routing and mapping of technician’s driving to appointments

See technician’s availability

Suggest preventative maintenance to customers

SYSTEM DOCUMENTATION

NAME OF SYSTEM

DATE

PAGE of

ANALYST

PURPOSE OF DOCUMENTATION

FIELD FIELD TYPE FIELD LENGTH

REQUEST FOR INFORMATION SERVICES

Date:

System enhancement: Title:

Department: Location:

New system: E-mail:

REQUEST FOR:

URGENCY:

[ ] Correction of system error

[ ] Immediate attention required

[ ] System enhancement [ ] Handle in normal priority sequence

[ ] New system [ ] Defer until new system is developed

DESCRIPTION OF REQUESTED SYSTEMS SERVICES:

(ATTACH ADDITIONAL DOCUMENTS AS NECESSARY)

(To be completed by the Information Technology Department)

[ ] Approved Assigned to IT contact person:

User:

Urgency code (1 low to 5 high):

[ ] Modified (see attached notes)

[ ] Rejected (see attached notes)

Date:

Action:

SYSTEM REQUIREMENTS DOCUMENT

⦁ Introduction

⦁ Summary

⦁ Findings

⦁ Recommendations

⦁ Time and Cost Estimates

⦁ Expected Benefits

⦁ Appendix

SYSTEM DESIGN SPECIFICATION

1. Management Summary

2. System Components Details

a. Program Design

b. User Interface Design

c. Output and Input Design

d. File and Database Design

e. Support Processing Design

3. Environmental Requirements

4. Implementation Requirements

5. Time and Cost Estimates

6. Appendices (as needed)

SYSTEM REQUIREMENTS CHANGE REQUEST

PRINT THE FOLLOWING INFORMATION:

NAME

DEPARTMENT

JOB TITLE

DESCRIPTION OF CHANGE:

REASON FOR CHANGE:

ATTACH ADDITIONAL INFORMATION AND DOCUMENTS AS NEEDED:

CHECK THIS BOX IF ATTACHMENTS ARE INCLUDED:

SIGNED _________________________________________________________ DATE __________________________

CONTROL NUMBER

DATE RECEIVED

TO BE COMPLETED BY THE PROJECT COORDINATOR:

IMPACT ANALYSIS:

Include an estimate of resources needed, with specific costs and timetables.

ACTION:

ACCEPT

DEFER UNTIL (DATE)

REJECT FOR THE FOLLOWING REASONS:

SIGNED ___________________________________________________________ DATE _____________________

DATA DICTIONARY

DATA ELEMENT DESCRIPTION

SYSTEM

DATA ELEMENT NAME LABEL

ALTERNATE NAMES

Type and LENGTH  OUTPUT FORMAT

DEFAULT VALUE  ACCEPTABLE VALUES

PROMPT/COLUMN HEADER

SOURCE

SECURITY

RESPONSIBLE USER

DERIVATION FORMULA

DESCRIPTION AND COMMENTS

DATA DICTIONARY

DATA FLOW DESCRIPTION

ID  NAME

ALIAS

DESCRIPTION

ORIGIN  DESTINATION

RECORD

VOLUME AND FREQUENCY

COMMENTS

PROCESS DESCRIPTION

SYSTEM

PROCESS NAME

PROCESS ID

INPUT DATA FLOWS

OUTPUT DATA FLOWS

PROCESS DESCRIPTION

RECORD DESCRIPTION

SYSTEM

RECORD ID

RECORD NAME

ALTERNATE NAMES

DEFINITION

RECORD DATA ELEMENTS

DATA STORE DESCRIPTION

LABEL

ENTRY TYPE

DESCRIPTION

ALIAS

COMPOSITION (ATTRIBUTES)

NOTES

LONG NAME

EXTERNAL ENTITY DESCRIPTION

LABEL

ENTRY TYPE

DESCRIPTION

ALIAS

VALUES & MEANINGS

NOTES

LONG NAME

SYSTEM DOCUMENTATION

NAME OF SYSTEM

DATE

PAGE of

ANALYST

PURPOSE OF DOCUMENTATION

PROGRAM IDENTIFICATION

PURPOSE

FILES – DATABASES – CLOUD REQUIREMENTS

WEB PROCESSING REQUIREMENTS AND RESOURCES

Net Present Value (NPV) Template

Note:            Cells B12:H12 and B16:H16 contain formulas to multiply discount factors * benefit and cost values   Cells I12 and I16 contain adjusted cost and benefit totals       Cell C18 contains the calculation for net present value (NPV)                  Year Year Year Year Year Year Year Total    0 1 2 3 4 5 6    Benefits           Factor           PV of Benefits          –            –            –            –            –            –            –            –                Costs           Factor           PV of Costs          –            –            –            –            –            –            –            –                 Net Present Value:           –

SYSTEM SECURITY CHECKLIST

⦁ Overview of System Security Issues and Concerns

⦁ Analysis of Physical Security

⦁ Analysis of Network Security

⦁ Analysis of Application Security

⦁ Analysis of File Security

⦁ Analysis of User Security

⦁ Analysis of Cloud vulnerability, if any

⦁ Additional Comments and Recommendations

Payback Analysis Template             Note: Cells C8:C14 and E8:E14 contain formulas to accumulate costs and benefits                  Year Costs Cumulative Benefits Cumulative       Costs   Benefits   0                   –                     –     1                   –                     –     2                   –                     –     3                   –                     –     4                   –                     –     5                   –                     –     6                    –                      –

1                   –                     –     2                   –                     –     3                   –                     –     4                   –                     –     5                   –                     –     6                    –                      –                       –                     –              ROI:

#DIV/0!

Net Present Value (NPV) Template                    Note:             Cells B12:H12 and B16:H16 contain formulas to multiply discount factors * benefit and cost values   Cells I12 and I16 contain adjusted cost and benefit totals       Cell C18 contains the calculation for net present value (NPV)                  Year Year Year Year Year Year Year Total    0 1 2 3 4 5 6    Benefits           Factor           PV of Benefits          –            –            –            –            –            –            –            –                Costs           Factor           PV of Costs          –            –            –            –            –            –            –            –                 Net Present Value:

Appliance Warehouse staffing

Parts Department – purchasing, inventory control, sales

Director: Maddox Farley

Sales staff: Tyler Cummings, Steve Dawson, Amelia Warner

Purchasing: Celia Martel, Joe Perez

Inventory/warehouse: Ben Cooke, Melissa Benedict, Matt Jones

Appliance Sales – sales of new appliances in 4 departments

Director: Sonia Lopez

Large Kitchen Appliance department: Mike Nelson (manager), Jessica Scott, Rachel Evans, Justin Cooper

Laundry Appliance department: Tina Turner (manager), Mackenzie Scott, James Wright

Audio/Visual department: Samantha Campbell (manager), Tim Reynolds, Tracey Oliver

Small Appliance department: Peter Parker (manager), Ken Howell, Marti Castillo

Service Department

Service Manager: Emily Johns

Technicians: Liam Henson, Mark Robles, Lee Wong

Appointment setters: Lisa Shields, Jake Meyers

Equipment and parts: Rhonda Patel

Storewide Cashiers:

Manager: Abby Franklin

Cashiers: Nancy Richards, Joy Vasquez, David Goodman, Paul Patton, Maria Nunez

Administrative roles:

Owner (store manager reports to this role): Mae Roth

Store Manager (all department heads and assistant manager report to this role): Alan Marks

Store Assistant Manager (admin roles report to this assistant manager): Ali Miranda

Admin Assistant to store manager: Tim Stafford

Human Resources specialist: Joey Booker

Accounting, payroll, accounts payable/receivable: Doug Dorsey, Tia Carey

IT department: Carlie Davis (manager), Tony Barlett, Meredith Parks, you

Costs for in-house development  Standard Development Times            As standard practice, use these costs for all in-house development.   As standard practice, use these guidelines (assume 8 hours of work per day).     Cost per hour (for first year)     Duration   Database Development  $               60    Database design 5 days   Web developers  $               75    Database build 10 days   App developers  $               75    Design of a report (web or app) 2 days   UX designers  $               60    Design of data entry page (web or app) 2 days   Business Analyst  $               50    Design of static text page (web or app) 1 day   Trainers  $               50    Build of a report (web or app) 1 day   Cybersecurity specialists  $               90    Build of data entry page (web or app) 1 day   System Admin  $               70    Build of static text page (web or app) 1 day       Connection to separate system or database (sys admin) 8 days       Analysis work (both web and app combined) 20 days       Training 5 days   Equipment:     Cybersecurity work 10 days   Servers  $         2,500        Routers  $             200            Expected Monthly Maintenance:         Development (web or app) 2 days       System Admin  3 days       Training 1 day           Key:        Web or app = activity must be done for both web and app. Same amount of time required for each deliverable.   Both web and app = time given includes development for both of the web and app deliverables.

Service Records Sample

Date Called Date of Service Appliance type Appliance serial number Parts Needed Technician assigned Customer Name Customer Address Customer Phone

1/6 1/6 Refrigerator KN-78-215-896 KN-1256 Robles Sophie Goldberg 123 Main St, Hopkinton, MA 508-555-1256

1/6 1/7 Dishwasher WP-55-311-698 WP-1788 Wong Mitch Chu 5525 Winter Rd, Medford, MA 617-555-9898

1/7 1/7 Refrigerator WP-78-956-694 WP-8877 Henson Jamie Fernandez 2 Hope St, Hull, MA 617-555-4125

1/8 1/10 Microwave AB-99-357-753 AB-3321 Wong Mike Singh 15 Arch St, Tewksbury, MA 508-555-3596

1/9 1/9 Washing machine GE-10-122-542 GE-2119 Robles George Kostanza 369 Pike Circle, Danvers, MA 508-555-6235

1/9 1/10 Dishwasher KN-55-396-477 KN-5511 Robles Felicia Parkinson 50 Central Ave, Hopedale, MA 508-555-2144

Analysis and Design task durations             Project name Year Task name Duration    Accounts Payable 2018        Interview process 5 days      Development of User Questionnaire 2 days      Identification of risks 1.5 days      DFD diagram 4 days      UML diagram 4 days      Layout of 1 report 4 hours      Layout of 1 user screen 2 hours      Testing plan 5 days      Implementation plan 3 days           Human Resources 2017        Interview process 4 days      Development of User Questionnaire 2 days      Identification of risks 1 day      DFD diagram 3.5 days      UML diagram 2 days      Layout of 1 report 2 hours      Layout of 1 user screen 4 hours      Testing plan 7 days      Implementation plan 3 days           Payroll 2019        Interview process 6 days      Development of User Questionnaire 1 day      Identification of risks 2 days      DFD diagram 4.5 days      UML diagram 5 days      Layout of 1 report 1 day      Layout of 1 user screen 4 hours      Testing plan 5 days      Implementation plan 3.5 days of 1 report 1 day      Layout of 1 user screen 4 hours      Testing plan 5 days      Implementation plan 3.5 days