MIS 5302 – Prof. Min-Seok Pang

Session #4 – IT Risk Management

Reading Brief Qs for Session #4 – IT Adventures Ch. 10, 11, and 18

Read Ch. 10, 11, and 18 of “The Adventures of an IT Leader” and write answers to the following questions in no more than 200 words.

  • What happened at IVK on Thursday, June 28 (Ch. 10)?
  • What are the three recovery plans? What is Mr. Barton’s recommendation and why does he recommend it (Ch. 10 and 11)?
  • What is Mr. Williams’ decision? How does he use a poker analogy to justify his decision (Ch. 11 and 18)?

Session #4 – In-Class Discussion Questions

  • If you were Mr. Barton, how would you explain the situation in Chapter 10 to your CEO, Mr. Carl Williams, in English?
  • If you were Mr. Barton, how would you explain the situation in Chapter 10 to Wall Street analysts you’re scheduled to meet today?
  • What do we know for sure? What are the things that we are not sure about?
  • Did an attacker or attackers intrude inside of IVK’s systems?
  • Why do you think this happened? If the security upgrade project was funded and completed, could IVK have prevented this completely?
  • What are the roles of the board of directors in a business?
  • What would happen if a CIO or IT manager receives no adult supervision or control? What if he/she can handle IT in any way he/she wants?
  • What should be among the preventative policies and procedures for a failure due to personal devices?
  • What are the three recovery options that the IVK IT group is considering?
  • What are the reasons to disclose the security incidents? What would be the reasons not to disclose?
  • Why has Mr. Williams decided to do nothing and not to disclose the incident? What was his thinking?