Writing Question

Learning Goal: I’m working on a writing report and need an explanation and answer to help me learn.

IFSM 201 Professional Memo Before you begin this assignment, be sure you have read the Small Merchant Guide to Safe Payments documentation from the Payment Card Industry Data Security Standards (PCI DSS) organization. PCI Data Security Standards are established to protect payment account data throughout the payment lifecycle, and to protect individuals and entities from the criminals who attempt to steal sensitive data. The PCI Data Security Standard (PCI DSS) applies to all entities that store, process, and/or transmit cardholder data, including merchants, service providers, and financial institutions. Purpose of this Assignment You work as an Information Technology Consultant for the Greater Washington Risk Associates (GWRA) and have been asked to write a professional memo to one of your clients as a follow-up to their recent risk assessment (RA). GWRA specializes in enterprise risk management for state agencies and municipalities. The county of Anne Arundel, Maryland (the client) hired GWRA to conduct a risk assessment of Odenton, Maryland (a community within the Anne Arundel County), with a focus on business operations within the municipality. This assignment specifically addresses the following course outcome to enable you to: • Identify ethical, security, and privacy considerations in conducting data and information analysis and selecting and using information technology. Assignment Your supervisor has asked that the memo focus on Odenton’s information systems, and specifically, securing the processes for payments of services. Currently, the Odenton Township offices accept cash or credit card payment for the services of sanitation (sewer and refuse), water, and property taxes. Residents can pay either in-person at township offices or over the phone with a major credit card (American Express, Discover, MasterCard and Visa). Over the phone payment involves with speaking to an employee and giving the credit card information. Once payment is received, the Accounting Department is responsible for manually entering it into the township database system and making daily deposits to the bank. The purpose of the professional memo is to identify a minimum of three current controls (e.g., tools, practices, policies) in Odenton Township (either a control specific to Odenton Township or a control provided by Anne Arundel county) that can be considered best practices in safe payment/data protection. Furthermore, beyond what measures are currently in place, you should highlight the need to focus on insider threats and provide a minimum of three additional recommendations. Below are the findings from the Risk Assessment: • The IT department for Anne Arundel County requires strong passwords for users to access and use information systems. The IT department for Anne Arundel County is meticulous about keeping payment terminal software, operating systems and other software (including anti-virus software) updated. • Assessment of protection from remote access and breaches to the Anne Arundel network: Odenton Township accesses the database system for the County when updating resident’s accounts for services. It is not clear whether a secure remote connection (VPN) is standard policy. • Assessment of physical security at the Odenton Township hall: the only current form of physical security are locks on the two outer doors; however, the facility is unlocked Monday-Friday, 8am-5pm (EST), excluding federal holidays. • Employee awareness training on data security and secure practices for handling sensitive data (e.g., credit card information) are not in place. • The overarching conclusion of the risk assessment was that Odenton Township is not fully compliant with the PCI Data Security Standards (v3.2). Note: The Chief Executive for Anne Arundel County has asked for specific attention be paid to insider threats, citing a recent article about an administrator from San Francisco (see Resources). Anne Arundel County wants to understand insider threats and ways to mitigate so that they protect their resident’s personal data as well as the County’s sensitive information. These are threats to information systems, including malware and insider threats (negligent or inadvertent users, criminal or malicious insiders, and user credential theft). Expectations and Format Using the resources listed below, you are to write a 2-page Professional Informational Memo to the Chief Executive for Anne Arundel County that addresses the following: • Risk Assessment Summary: Provide an overview of your concerns from the risk assessment report. Include broad ‘goal’ of the memo, as a result of the risk assessment, the broad recommendations. Specific Action Steps will come later. The summary should be no more than one paragraph. • Background: Provide a background for your concerns. Briefly highlight why the concerns are critical to the County of Anne Arundel and Odenton Township. Clearly state the importance of data security and insider threats when dealing with personal credit cards. Be sure to establish the magnitude of the problem of insider threats. • Concerns, Standards, Best Practices: The body of the memo needs to justify your concerns and clarify standards, based on the resources listed below, at minimum. The PCI DSS standards are well respected and used globally to protect entities and individual’s sensitive data. The body of the memo should also highlight three current controls that are considered best practice; that is, you should highlight the positive, what is currently in place, based on the risk assessment. • Action Steps: Provide a conclusion establishing why it is important for Anne Arundel County to take steps to protect residents and county infrastructure from insider threats based on your concerns. Recommend a minimum of three (3) practical action steps, including new security controls, best practices and/or user policies that will mitigate the concerns in this memo. Be sure to include cost considerations so that the County is

getting the biggest bang for the buck. The expectations are not for you to research and quote actual costs, but to generalize potential costs. For instance, under the category of physical security, door locks are typically less expensive than CCTV cameras. • Be sure to review the PowerPoint presentation (in pdf format) Effective Professional Memo Writing that accompanies these instructions. • Use the Professional Memo template that accompanies these instructions. o Use four section subtitles, in bold. ▪ Risk Assessment Summary ▪ Background ▪ Concerns, Standards, Best Practices ▪ Action Steps o Do not change the font size or type or page margins. o Do not include any graphics, images or ‘snips’ of any content from copyrighted sources. The PCI Standards (PCI DSS) document is copyrighted material. o Paragraph text should be single spaced with ONE ‘hard return’ (Enter) after each paragraph and after each section subtitle. Note: Do not create a new ‘paragraph’ after each sentence. A single sentence is not a paragraph. o ‘Subject’ is the subject of your memo, not the course name or number. o Be sure to remove any remaining ‘placeholder’ text in the template file before submitting. o The length of the template when you download it is NOT the intended length of the entire memo. Your completed memo should be between 1.5 pages and 2 pages (total document, including the To:/From:/Re:/Subject header). *Note: the Professional Memo is to be in a MS Word file and all work is to be in the student’s own words (no direct quotes from external sources or the instructions) * APA documentation requirements: • As this is a professional memo, as long as you use resources provided with or linked from these instructions, APA documentation is NOT required. • Citing material or resources beyond what is provided here is NOT required. • However, you should use basic attribution and mention the source of any data, ideas or policies that you mention, which will help establish the credibility and authority of the memo. o For example, mentioning that the Payment Card Industry Data Security Standards (PCI DSS) identify a certain control as best practice holds more weight than simply stating the control is a best practice without basic attribution. o Mentioning that Wired Magazine reported that a City of San Francisco IT technician effectively hijacked and locked 60% of the city’s network capacity, is more effective than saying “I read somewhere that…”

Get 20% Discount on This Paper
Pages (550 words)
Approximate price: -

Try it now!

Get 20% Discount on This Paper

We'll send you the first draft for approval by at
Total price:

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

Assignment Help has assembled a team of highly skilled writers with diverse experience in the online writing circles. Our aim is to become a one stop shop for all your Academic/ online writing. Check out below our amazing service!


Essay Writing Services

At Assignment Help, we prioritize on all aspects that creates a good grade such as impeccable grammar, proper structure, zero-plagiarism, and conformance to guidelines. The principal purpose of essay writing is to present the author's evaluation concerning a singular subject about which they have made. Since Professionalism is the mother of every success, try our team of experienced writers in helping you complete your essays and other assignments.


Admission Papers

You have been trying to join that prestigious institution you long yearned for, but the hurdle of an admission essay has become a stumbling block. We have your back, with our proven team that has gained invaluable experience over time, your chance of joining that institution is now! Just let us work on that essay.How do you write an admission essay? How do you begin the essay? For answers, try Quality Custom Writers Now!


Editing and Proofreading

Regardless of whether you're pleased with your composing abilities, it's never an impractical notion to have a second eye go through your work. The best editing services leaves no mistake untouched. We recognize the stuff needed to polish up a writing; as a component of our editing and proofreading, we'll change and refine your write up to guarantee it's amazing, and blunder free. Our group of expert editors will examine your work, giving an impeccable touch of English while ensuring your punctuation and sentence structures are top-notch.


Technical papers

We pride ourselves in having a team of clinical writers. The stringent and rigorous vetting process ensures that only the best persons for job. We hire qualified PhD and MA writers only. We equally offer our team of writers bonuses and incentives to motivate their working spirit in terms of delivering original, unique, and informative content. They are our resources drawn from diverse fields. Therefore your technical paper is in the right hands. Every paper is assessed and only the writers with the technical know-how in that field get to work on it.


College Essay Writing

If all along you have been looking for a trustworthy college essay service provider that provides superb academic papers at reasonable prices, then be glad that you search has ended with us. We are your best choice! Get high-quality college essay writing from our magnificent team of knowledgeable and dedicated writers right now!


Quality Assignment/Homework Help

We give the students premium quality assignments, without alarming them with plagiarism and referencing issues. We ensure that the assignments stick to the rules given by the tutors. We are specific about the deadlines you give us. We assure you that you will get your papers well in advance, knowing that you will review and return it if there are any changes, which should be incorporated.