Information Systems Security Quiz

What is the typical life cycle of an ERP System?

How do many companies treat an ERP system according to the text?

What is the common focus of many companies during ERP system implementation?

What is emphasized as important after the go-live of an ERP system?

How long should companies consider managing an ERP system?

What is one of the possible IS threats mentioned in the text?

Which of the following is NOT mentioned as a part of data safeguards?

Who is responsible for creating a security mindset among employees?

What is the primary goal of ISs Security mentioned in the text?

Which book is NOT listed as a reference in the text?

Who is commonly responsible for managing the ERP system?

What are the phases in the management of an ERP system after its go-live?

Which department is directed by the CIO and focuses on technical management of all ISs, including the ERP system?

What activities are included in the maintenance phase of an ERP system?

When might it be time to select a new ERP system?

What department can manage the ERP system using a holistic approach?

What is a common vulnerability in Information Systems (ISs)?

What is the primary focus of the AFC department in managing ISs?

What is the main purpose of ISs Security?

Which department oversees Business Process Management (BPM) and can manage ISs using a holistic approach?

Managing Information Systems Security

The AFC department is responsible for the management of all ISs if it oversees the IT department, utilizing a functional approach.
The BP department, directed by CPO, focuses on Business Process Management (BPM) and can also manage all ISs if it oversees the IT department, using a holistic approach.
The ERP System can be managed by the IT department (technical approach), AFC department (functional approach), or BP department (holistic approach).
ISs contain company data and support business processes, making unauthorized access a threat to data theft, damage, or disruption of services.
ISs Security prevents unauthorized access to ISs, protecting them from theft or damage of data and ensuring the integrity of the computer system.
Cyber Security, including ISs Security, is crucial due to the increasing value of data and the prevalence of cyber threats.
Cyber Security threats include individuals or organizations seeking to obtain or alter data illegally, human errors, and natural disasters.
ISs are highly vulnerable due to the ease of data sharing and the use of newer, less secure technologies, requiring a response to security threats.
Common vulnerabilities include unauthorized data disclosure, incorrect data modification, denial of service attacks, and loss of infrastructure.
Technical, data, and human safeguards are essential in ISs Security, involving identification and authorization, encryption, firewalls, malware protection, and role-based access control.
Technical safeguards encompass user identification and authorization, encryption, firewalls, and malware protection.
Data safeguards involve protecting information integrity, while human safeguards focus on role-based access control.