Recent Question/Assignment

Assignment 2 - Risk Management Evaluation
Value: 20%
Due date: 08-Sep-2015
Return date: 29-Sep-2015
Submission method options
Alternative submission method
Task
Innovartus Technologies Inc wishes to use Google App Engine to drive its voice commands, simple gestures with Webcam and touching screen features.
You have been assigned the task of providing Innovartus with both a Risk Management assessment and a Security assessment for this proposed software and programming platform.
1. Provide an Information Security assessment on your chosen provider using the techniques proposed by Ramgovind et al, and the ASD Cloud Computing Security Considerations as your primary references. This assessment should be no more than 2 pages.
2. Provide a Risk Management assessment for your chosen provider using the Threat and Risk Assessment Questionnaire (White, P. 2015), as a template. You are to complete only the following sections of the template:
Section 2. Privacy Focus: 2.4, 2.6, 2.9, 2.11 and 2.13.
Section 5. Application Focus: 5.1, 5.2, 5.3, 5.4, 5.5, 5.8, 5.12 and 5.13.
Section 6. Data Focus: 6.5, 6.7, 6.9, 6.11, 6.13 and 6.20.
Section 7. Identity Management: A: 7.3 and 7.9. B: 7.5, 7.6 and 7.8
Section 11. Cloud Services: 11.1, 11.6, 11.9, 10.10 and 11.16
Each section is to be completed with only the following detail:
a) Is the question applicable: yes, no or NA
b) What do you think are the likely consequences of the risk? (see Appendix B, Consequences for the term to use)
c) What do you think is the likelihood of the risk occurring? (see Appendix B, Likelihood for the term to use)
d) What is the risk rating for this question? (see Appendix B, Risk Rating for the risk rating)
3. Provide a covering one page executive summary to Innovartus board for these two documents (question 1 and 2) and summary the risk management and security benefits and drawbacks of the proposed software framework running on cloud.
Rationale
This assessment will cover the following objectives:
• Be able to research and apply suitable cloud service delivery on a required case;
• Be able to identify the infrastructure, platform and service information security risk;
• Be able to measure, indicate and categorise the risk level for cloud service models.
Task B
Innovartus board has considered your assessment of the risk management and security issues for the software and programming platform. They have decided that they need an additional assessment on the management and the SLA of Google App Engine.

You have been assigned the task of providing Innovartus board with an assessment of the management requirements and the provisions of the SLA for Google App Engine. You are to:

1. Discuss the requirements for remote administration, resource management, SLA management and billing management of Google App Engine. It may be useful to consider Morad and Dalbhanjan’s operational checklists here. This section should be no more than two to three pages in length.

2. Discuss briefly how you will consider application resilience, backup and disaster recovery for your chosen provider. This section should be no more than two to three pages in length.

3. Use Erl’s SLA guidelines to assess the SLA for your chosen provider. This section should be no more than two to three pages in length.

4. Provide a covering one to two page executive summary of these three assessments to the Innovartus board and summarise the major opportunities and risks that have been identified in your assessments.

Rationale
This assignment covers the following objectives:
• Be able to compare and evaluate the ability of different Cloud Computing Architectures to meet a set of given business requirements;
• Be able to evaluate a set of business requirements to determine suitability for a Cloud Computing delivery model;
• Be able to evaluate and design an ICT Risk Management strategy for a Cloud Computing Delivery plan to meet business requirements;
• Be able to interpret, evaluate and plan the Governance and Security requirements for a Cloud Computing delivery plan;
• Be able to analyse and evaluate business requirements to plan a migration to a Cloud model.

Looking for answers ?