Essentials of MIS (13th Edition)
13th Edition
ISBN: 9780134802756
Author: Kenneth C. Laudon, Jane Laudon
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Question
Chapter 4, Problem 17MLM
Program Plan Intro
Fair Information Practices:
Fair Information Practices are a set of principles and practices that define how an information based society can appeal management, information handling, flows and storage with an opinion towards preserving security, fairness and privacy in a quickly developing worldwide technology environment.
Explanation of Solution
Business situation in each Principles are as follows:
1. Notice or Awareness:
Notice or Awareness must reveal their information before gathering data. But, if the customer does not provide any notice of an entity’s information to the companies. So, the manager should take necessary action for this situation to accomplish the company goal.
2. Choice or Consent:
If the Choice or Consent does not allow the customer to choose their information for secondary purpose. So, the manager should take necessary action for this situation such as give authority to the customers and so on to accomplish the company goal.
3. Access or Participation:
In access or Participation if the customer should not able to review and content the accuracy and completeness of collected data in a timely and inexpensive process...
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
Why is it important to treat security not as a "point in time" measurement? If you had to explain the important of investing in security in a long-term strategy to a CEO or CFO, how would you counter the "point in time" argument?
The topic is: Is it ethical for employers to monitor employees?
Kindly follow the guidelines below and then write a good ungraded term paper.
Introduction: Ask your question here. Provide enough background to interest the reader. ~1 paragraph
Stakeholders: In this section, introduce the groups of stakeholders you identified. Devote one paragraph to each group of stakeholders, introducing them and explaining how they are impacted by the issue at hand. ~4 paragraphs
Solutions: In this section, outline your chosen solution(s). Devote at least one paragraph to each solution. One of your "solutions" is likely to be "make no changes/leave things as-is" (status quo), which is likely to have been thoroughly covered when introducing stakeholder groups. If that is the case, you do not need to introduce it again here. ~1-2 paragraphs
Consideration of consequences: In this section, you should consider the effects of your proposed solution(s) on the stakeholders you identified. It may be…
Who has the authority inside a corporation to decide when and how information should be utilized?
Knowledge Booster
Similar questions
- When conducting an audit, business risk must be considered. a) Define business risk in the context of an audit and outline various potential sources of risk. b) What is the relationship between business risk and the audit's preliminary analytical procedures? c) When preparing an audit engagement, there are four key areas to consider, each with its own set of sub-areas. Please indicate the four primary regions as well as the relevant sub-parts.arrow_forwardAn example of a recent security violation involving access control or authentication might be instructive. Do you feel it has had an impact on the company's business practices? Can you give me with specific details on whether or not the firm has suffered losses?arrow_forwardCompliance management is the process of adhering to the government guidelines that are set in place for your industry. These requirements can change and shift, so integrating compliance management into your corporate operations is critical. Without a robust compliance management program in place, your company may fail to meet government requirements, resulting in fines and loss of income. Non-compliance can often compound and build over time, so it’s crucial to be diligent in your efforts to meet industry standards. What are the consequences if a private firm fails to adopt the guiding framework or update/maintain its system in compliance with it?arrow_forward
- Analyze the most pressing issues with risk management. Discussion How should a company's strategy incorporate risk management?arrow_forwardWhat is meant by risk exposure?arrow_forward- There are many types of cybersecurity liability policies covering a host of eventualities. What insurance you should buy depends on your business model and your company board's risk appetite. For this discussion, pick one of the five cybersecurity laws, regulations, or policies you wrote about in the Module 5 assignment, and discuss what types of insurance you would recommend in case your company fails at compliance for that requirement. Discuss the risk-reward trade offs, and explain why you think your insurance recommendation is worth the cost.arrow_forward
- Question 1(a). You are the IT Manager for Arushton Construction Company. The CEO has requested you to provide a one-day training program on IT-related risks for employees or your organization. As part of the preparation for the training, you are to present a report to the CEO covering the following:(i.) Describe four main types of risks that strategic information systems of your organization may face (or be exposed to).(ii.) Discuss things that your organization should do to prevent or minimize each of the risks you described in (i) above.(iii.) Discuss the types of risks that individuals are often vulnerable/exposed to as they use computers and embedded devices for their operations; and explain two things that people can do to prevent or minimize each of those risks.(b). Despite the fact that the coronavirus (COVID-19) pandemic has greatly disrupted operations of governments and organizations across the globe, it has created vast opportunities in many fields of human endeavor.Discuss,…arrow_forwardWhen is it appropriate for a corporation to adopt CBIS? How did the CBIS come into existence? When is it necessary for a corporation to create its own CBIS? When is it appropriate for businesses to invest in CBIS?arrow_forwardA recommended approach is that the people assigned to implement a risk management program should begin by studying the models presented earlier in this chapter and identifying what each offers to the envisioned process. Once the organization understands what each risk management model offers, it can adapt one that is a good fit for the specific needs at hand. Which risk control strategy would you consider the most effective and why? When should the strategy be used and why should it not be used for all risks?arrow_forward
- To what does "due care" refer? Why is it important for a company to ensure that it is exercising appropriate caution while going about its business as usual?arrow_forwardWhat considerations should be considered when assessing information asset risk?arrow_forwardCorporate governance is defined as the framework of rules and practices by a company’s board of directors to ensureaccountability, fairness and transparency in the company’s interactions with its shareholders, creditors, customers and other stakeholders. What are the objectives of the King IV report on corporate governance?arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,