Sample Management Essay Paper on Information System Risk Management

Information System Risk Management

First Student’s Response - Charantee Contee

How does FISMA OR COBIT ensure Risk Management practices are effective in the Federal sector?   

The US government has encountered enormous risks in terms of mismanagement, as it endeavors to offer services to its citizens, leading to costly damages and widespread ripple effects. However, to curb information systems risk, measures have been put into place, such as through legislation. According to Gantz and Philpott (2013), the Federal Information Security Management Act (FISMA) has created a framework where the federal government agencies secure information systems while managing risks that emerge from information resources within the agencies. The act has led to consistent and repeatable security control assessments among government agencies. FISMA has ensured that the nation’s vital infrastructure is secured from known vulnerabilities that terrorize the US economy and security (Khallaf & Majdalawieh, 2012). The act has emphasized cost-effective reduction of information security risks by formulating protective measures that seek to minimize risks and are acceptable across all government agencies.

References

Gantz, S. D., & Philpott, D. R. (2013). FISMA and the risk management framework: The new practice of federal cyber security. Boston: Syngress.

Khallaf, A., & Majdalawieh, M. (2012). Investigating the Impact of CIO Competencies on IT Security Performance of the U.S. Federal Government Agencies. Information Systems Management, 29(1), 55-78. doi:10.1080/10580530.2012.634298

Second Student’s Response - Noha

How does FISMA OR COBIT ensure Risk Management practices are effective in the Federal sector?   

FISMA requires the federal, as well as state agencies, to reinforce information security controls on resources that assist federal operations and assets. The widespread use of computer technology and cyber-security in government agencies has led to a review of FISMA in 2014 to strengthen information security roles in the Department of Homeland Security (DHS), as well as the Office of Management and Budget (OMB) (“Actions Needed,” 2015). For effective risk management, FISMA has collaborated with the National Institute of Standards and Technology (NIST) in the fight against cybercrime and other risks by developing and encouraging implementation of strategies to adopt cloud-computing systems in the federal government. FISMA has guaranteed high economic performance and innovation in the federal government agencies by requesting system owners to specify the right security provisions to enhance integrity and confidentiality of information (Gantz & Philpott, 2013).

References

Actions Needed to Address Challenges Facing Federal Systems. (2015). GAO Reports, 1-19.

Gantz, S. D., & Philpott, D. R. (2013). FISMA and the risk management framework: The new practice of federal cyber security. Boston: Syngress.

Third Student’s Response – Kehinde Aboderin

How does FISMA OR COBIT ensure Risk Management practices are effective in the Federal sector?   

Breaches in security on government information systems have led to losses of money as well as an increasing threat to national security. In 2011, approximately 107,655 security incidents were reported within the country, and out of those incidents, 43,889 happened in federal agencies (Taylor, 2013). To minimize risks in federal agencies, FISMA has mandated new systems and applications be assessed before they can be allowed to operate. FISMA has directed the Chief Information Officer (CIO) to perform extra duties to boost agency-wide information security practices, in addition to ensuring that personnel are versed on matters of information security and risk management (Khallaf & Majdalawieh, 2012).

References

Khallaf, A., & Majdalawieh, M. (2012). Investigating the Impact of CIO Competencies on IT Security Performance of the U.S. Federal Government Agencies. Information Systems Management, 29(1), 55-78. doi:10.1080/10580530.2012.634298

Taylor, L. P. (2013). FISMA compliance handbook. Waltham, MA: Syngress.