SyncSession Assignment with Powerpoint presentation..
SyncSession Assignment 4 (LOA 2)
In order to maximize the time we have in the first syncSession please complete the following activities prior to the meeting time:
Reading Assignment:
- Trochim/Donnelly: Ch 7-2, 7-3, 8-1 to 8-6, and 9-1
Assignment:
Using the study you have selected for your project assignments, prepare a short PowerPoint presentation (8-10 slides) that describes and summarizes the published study. Ensure that the following items are covered in the presentation:
- Problem addressed by the study
- Research question(s) guiding the study
- Conceptual model of the study relationships
- Research approach (Exploratory vs Hypothesis-Based)
- Research design (Qualitative vs Quantitative vs Mixed Methods)
- Research methods utilized
- Extension opportunity
A descriptive study
Descriptive research is the process of describing the research problems that are being studied. It mainly focuses on what the research problem is about. It is because of the reason that before investigating the research problem, the researcher must have a proper understanding of the research problem.
In research, a research site is a place where the researcher conducts the research. For example, if a researcher wants to determine the qualification of his employees, then he will survey on it and will mark each item on the survey as yes or no. So in the above-mentioned example, the research site can be any business organization, office, or farm. And the employees working over there are the targeted population that is chosen for the study.
In descriptive research, data can be gathered in multiple ways. For example, by answering survey questioners, conducting interviews, and field observation. It enables the reader in answering the survey questions, as survey questions identify the purpose of the research paper. By answering survey questions respondent comes to know about the kind of research the writer is looking for.
A relational study
The relational study investigates the relationship between two or more variables. The variables that are being investigated are already available in the group. This study does not examine that which variable is causing a change in another. Rather, it only predicts the cause of change, and further research needs to be conducted to determine the kind of cause of change.
In a relational study, the research site can be any context in which change in one can cause a change in others. For example, a public opinion poll that compares the proportion of males and females working at sites. The study essentially determines the aspiration of both genders.
In this example, the targeted population is the male and female of a community. And the problem is to determine the enthusiasm and ambition of both individuals.
The casual study
The casual study investigates the effect of one or more variables. It examines how the change in one variable can affect the other. It is conducted to know about the specific changes. Research site and population primarily depend upon the nature of the problem being investigated. As the casual study is based on experiments, therefore the research site in this study can be laboratories and fields where experiments are being performed. For example, the problem is to measure the progress in the production of workers after giving them practice on a new skill. The targeted populations in this study are the workers.
In a casual study, data is collected through various experiments. So the result of the research can be taken performing multiple experiments.
Finally, when it comes to choosing a research type three styles are important obiously, little hard to pick one however, old assignments and existing notes or experts guildelines will be more effective to choose a better study option. As a security person, I would prefer both descriptive study and casual study where research is deep and through various examples and experiments, proper documentation.
RESEARCH
FOUNDATIONS FOR THE INFORMATION SECURITY PRACTITIONER 1
Topic: IT Security and Governance
Project overview
Advanced technology has effectively transformed the world. The majority of stakeholders, therefore, have taken the initiative of adopting it alongside the emerging trend. In this case, its, therefore, significant development has been realized. The objective of the technical framework has been improving and extending service and enhancing professionalism in areas of application. There has been radical innovation and invention that have helped in coming up with new processes for industrial use (Shuji Kawaguchi, 2009). It has managed to serve as the road map for attaining a competitive and sustainable advantage especially by appreciating the data management and governance roles
Thesis statement
This proposal highlights the problem area of the topic (information security governance) and a hypothetical strength argument for the extension.
Description of the problem
IT security and governance are defined system process where an organization has direct control of the firm security processes and procedures. The international standard organization, reg no38500, fully supports this framework. This plays a different role, and its roles should be detached from security management aspects. It’s mainly involved in making effective decisions and plans that are used to respond to any form of disaster and attack that can halt business processes. Governance, in this case, shows the great necessity of governance and coordination, which specifies the best and most forceful reforms. Besides, there is an added advantage of coordinating all elements of those necessary run organization affairs. Governance ensures that all the reforms and plans put in place have been effectively arrived at. This includes monitoring objectives and making recommendations in a typical IT environment.
Despite the well-outlined role and function of security governance, there have been several challenges, as depicted in the selected case. When the approach does not adopt the best compliance as well as creating a mitigation plan, there emerges a challenge with the entire ruining and managing of IT security. This necessarily happens when the model and approach applied do not genuinely reflect the objective of the organization as far as security infrastructure is concerned.
As outlined, there is a set of challenges that are mainly caused by poor designs and regulations. For instance, the research has proved that many companies and businesses are suffering because of network and vulnerability exposure. When the plan has not outlined the excellent security infrastructure in the system, this puts as firm in the dangers of experiencing attacks and data leakages. Besides, there may also a rise in challenges that relate to fear of the unknown in assets and networks. Access points and updates should be analyzed and put in place to avoid network-related issues (Aaron Nolan, 2017). At times, there may be segmented network vulnerability and distributed across a department. From the study population samples, these factors indeed possess challenges in especially when there abuse of accounts and privileges that have been given to different stakeholders. Besides, the firm may not be able to manage network security and infrastructure because of the depth and security and high configuration that has not been mapped in the right way. This factor makes it hard for IT security and governance to fulfill and attain its mandate.
Summary of finding
Following a point of analysis, there is a set of challenges and factors that are affecting a typical IT security and governance center. Based on fact, it’s a critical part of the organization and must follow a strict plan and offer high results as far as security concerned. In this case, there is an excellent eddo extend security service procedures to prevent crimes and associate challenges. It has been proved that firms that have not enhanced IT security and governance have challenges of integrity. Besides, there is a reduced trust from all aspects, thus raising cyber alerts in the system (Aaron Nolan, 2017). The comprehensive model should also be launched to help manage the massive effect that has been caused by the identified challenges. Organizational information security systems, therefore, should be taken as a priority and interdependencies part of the organization.
Besides, firms should have an eternal plan that will act as an assurance scheme. In case of any compromise, there should always be corporate designs of responding to all those forms of attack. The security of the management and all stakeholder s in a firm should develop a social and professional aspect that appreciates computing technology and policy that are fundamental consideration when planning for an IT security and governance processes. To sum up, the control system of the security governance caters to all aspects of the organization; this includes hardware abstraction, software, and, more importantly, executive control (Shuji Kawaguchi, 2009). Enhancement of the network findings is a critical factor of strengthening IT security and governance as well the entire security processes in a typical working environment
Extension of the research
The research should analyze and give a more and consistent picture of the actual effect that the firm is likely to face in case policy has not been strictly followed. Some of the outlines that should have been taken into consideration include configuration aspect and robust authentication processes that will prevent intruders and third parties on the system. Besides, it’s vital to understand the structure and response processes that should be taken into consideration. All the access control and administrative surveillance should be put in place. The management should be at the forefront of strengthening and appreciating the value of IT security and governance in running the IT environment Aaron Nolan. (2017). It should act as a rule set that ensures safe use of the system and all resources used in dispatching and substantial organizational information.