Management Information Systems (MIS) plays a very important role in today's organizations; it creates an impact on the organization's functions, performance and productivity. A Management Information System (MIS) ensures that an appropriate data is collected from the various sources, processed and send further to all the needy destinations. A system is expected to fulfill the information needs of an individual, a group of individuals, management functionaries, managers and top management to improve efficiency and productivity.
On contrary, any system can be compromised with vulnerability issues. This is mostly in area of confidentiality, integrity and availability (security triangle).
You are advised to provide solutions for improvements for a selected Management Information System's in a selected organization in the area of how to improve aspects of confidentiality, integrity and availability (security triangle) through a vulnerability study assessment.
You should investigate the causes and impacts of vulnerabilities within computing systems and explore the solutions to the problems presented in order to make recommendations to improve their security for Management Information System. The expected solution of the project is a vulnerability assessment and action plan which includes, issues of varying severity
In general, the vulnerability assessment may focus on a test of security infrastructure devices, network servers, operational systems (including Windows and Linux), physical security of buildings, and wireless internet security. You have to mainly focus on how can vulnerabilities in an existing system be identified and counteracted.
* Discover unknown entry points both physical and electronic - that is threat to the overall confidentiality, integrity, and availability of network data and resources
* Problem can be discovered in the areas of installing, configuring, and maintaining servers and infrastructure equipment as well as practices of different department managers and staff tend to have different ways of managing their IT.
* Recommendations for standardization of upcoming infrastructure installations, configurations, and maintenance.
* Educate and increase user awareness on what they could change to improve their security situation in order to build confidence of using the Management Information System
* An action plan to keep their environment secure.
Your role as a student researcher means that you are not trying to perform a specific solution to any vulnerability problem case. You have to make expert recommendations on how to tighten security controls, based on a proven assessment methodology, that are in the best interest of the specific project of Management Information System which may eliminate unnecessary entry points that would greatly reduce the threat. Introducing of a set of policies and procedures for the entire Management Information System help eliminate threats through network entry points and infrastructure. The vulnerability trends and recurring issues that needed careful attention. The project span 03 months in order to provide an accurate snapshot of their current security posture.
The benefit of the project is that it provides a greater awareness among the entire staff about how any vulnerability or weakness in any functional area affects the overall security posture of the Management Information System at large. You are required to provide a full report on vulnerabilities you found and how you educate the Management Information System staff on what they could change to improve their security situation with an action plan to keep their environment secure.
1.1 Describe aims and objectives for vulnerability assessment project which you're introducing. Your explanation should include a brief introduction about the company, the MIS and other relevant information to the assessment project.
1.2 Produce a comprehensive project management plan, the plan should include milestone schedule and project schedule for monitoring and completing the aims and objectives of the project that includes cost, scope, time, quality, communication, and risk and resources management.
1.3 Produce a work breakdown structure and a Gantt chart to provide timeframes and stages for completion.
2.1 Explain qualitative and quantitative research methods appropriate for meeting project aims and objectives which you produced as vulnerability assessment project.
2.2 Evaluate the project's management process and appropriate research methodologies applied, the accuracy and reliability of different research methods applied for the small scale research
3.1 Analyze research data using appropriate tools and techniques.
3.2 Describe appropriate recommendations as a result of research and data analysis to draw valid and meaningful conclusions.
3.3 Evaluate the selection of appropriate tools and techniques for accuracy and authenticity to support and justify recommendations.
4.1. Provide a reflection on the value of undertaking the research to meet stated objectives with your own learning and performance which includes a discussion of the project outcomes, its usefulness to support sustainability of the given organization and its' performance, the decisionmaking process and changes or developments of the initial project management plan to support justification of recommendations and learning during the project.
4.2. Evaluate the value of the project management process and use of quality research to meet stated objectives and support own learning and performance
A vulnerability assessment is a risk management process used to identify, quantify and classify potential vulnerabilities to a given system. It is not isolated in a single domain and applies to systems of different industries. The key element of the vulnerability assessment is the appropriate definition of the impact loss assessment and system vulnerability to this specific threat (SearchSecurity, 2018).
In other words, a vulnerability assessment is the test process used to identify and assign severity levels to as many security vulnerabilities as possible in a given period of time. This process can involve automatic and manual with degrees of rigor and emphasis on comprehensive coverage techniques. Using a risk-based approach, vulnerability assessments can be addressed to different layers of technology, the most common host, and network and application assessments (Techopedia.com, 2018).
There are three primary objectives of a vulnerability assessment.
1. Identify vulnerabilities ranging from critical design flaws to simple misconfigurations
2. Document the vulnerabilities so that developers can easily identify and reproduce the findings.
3. Create guidance to assist developers with remediating the identified vulnerabilities.
Through these primary objectives, the author has defined the aims and objectives of his project research. He has manipulated his work of the research while sticking to these aims and objectives (SearchSecurity, 2018).
A Management Information System (MIS) is a computerized financial information database that is organized and planned so that periodic reports are produced on operations for all levels of management of an enterprise. In general, it is also possible to easily obtain special reports from the system. The main objective of the MIS is to give managers feedback on their own performance; Management can monitor organization as a whole. The information displayed by the MIS card usually displays the "actual" data in front of the "expected" results and the results of the previous year. Therefore, measure progress against objectives (Shopify, 2018). Everyone who works in business, from someone who pays the bills to the person who hires and fires, uses information systems. For example, a supermarket could use a computer database to keep track of which products sell best. And a music store could use a database to sell CDs over the Internet (Guru99.com, 2018).
To accumulate the MSI in the research project the author had to use a company with a standard Information System. The below section will give a small background check and a description about the company which the author has chosen.
Read More ....