Bus 4068 Unit 3 Assignment 1 Risk-Management Systems

You are currently viewing Bus 4068 Unit 3 Assignment 1 Risk-Management Systems


  1. As a forensic accountant advising Geox, I recommend evaluating open-source shopping cart systems by considering their security features. In today’s digital age, security is a complex issue, and vulnerabilities in one program can impact others, potentially leading to system crashes.
    It is essential to assess the open-source software’s and MYSQL’s security. One approach is to research and gather information about the security vulnerabilities of these applications from reputable sources and independent organizations that regularly monitor security standards.

    Bus 4068 Unit 3 Assignment 1 Risk-Management Systems

  2. The fact that the systems are open source can have implications for their security. Generally, open-source software is considered more secure than closed software due to its ability to be modified and scrutinized by a broader community.
    However, it is important to note that not all open-source software is equally secure. To assess the security of specific software, one can conduct thorough research online or engage experts to verify its security features.


  1. Let’s examine Rimco’s Information Security Management System (ISMS). While Rimco’s system may seem adequate, it lacks certain critical components for a robust security program. The following are some key characteristics that appear to be missing:

1) Employee training: Effective employee training is crucial for operating the system correctly and minimizing vulnerabilities. Often, staff members need to gain awareness of security protocols, which can expose the system to attacks. Hackers exploit this knowledge gap to gain unauthorized access, compromising passwords and security algorithms.

Bus 4068 Unit 3 Assignment 1 Risk-Management Systems

2) Employees’ access rights: To ensure the security and privacy of files, limiting each employee’s access to data is essential. Failure to appropriately manage and restrict information access increases the risk of misuse. Implementing multiple tiers of access can enhance security measures.

3) Security monitoring: Relying solely on employees to report security issues poses significant risks. Employees may not always be able to identify threats or may choose not to write them intentionally. Implementing an automated system for continuous security monitoring is advisable to detect and address potential threats proactively.

  1. The ISMS in place at Rimco exhibits several weaknesses that need to be addressed:

1) Inadequate access control: Access control is critical to any security system, acting as the first line of defense. It involves layering encrypted data under multiple layers of additional data and tests, ensuring enhanced protection.

Bus 4068 Unit 3 Assignment 1 Risk-Management Systems

2) Security testing: Even the most secure software can have vulnerabilities resulting from configuration errors. Conducting rigorous security testing to identify and rectify any such issues in security applications is essential.

3) Industry security information: It is recommended for Person D at Rimco actively participate in community discussion forums related to security for the Zelical system. Engaging in these forums will allow them to discuss the software, receive feedback, and exchange suggestions with experts in the field.