Analysis Smith Systems Consulting Audit Report
In the past five weeks, you have learned about information system security and cybercrimes. As you move ahead in your Criminal Justice career path, you will have access to information and networks. In Week 1 you worked with Riordan Manufacturing to review their network and provide some guidance. In this final assignment, you will work with Smith Systems Consulting. The company consults with organizations to incorporate technology and streamline processes. Every five years, the company hires an outside firm to run an audit to ensure they are safe and in compliance with regulatory organizations. You will review their website and utilize the information you have learned this week to write an audit report.
Review the Smith Systems Consulting website under the Business tab on the Virtual Organizations Portal.
Write a 700- to 1,050-word report in which you address the following:
1. Choose at least two laws that Smith Systems Consulting must ensure compliance with. Explain your selections and how each law affects the distribution of information in an organization like Smith Systems Consulting.
2. Which of the six cyber elements of cyber readiness outlined on the CISA Cyber Essentials page would each law you selected support? Provide rationale.
3. Provide at least two recommendations for Smith Systems Consulting to include in a guide of best practices related to internal and external policies and procedures. Explain how these recommendations promote the protection of the hardware, software, and data in the company’s information systems.
Format your report according to APA guidelines.
Smith Systems Consulting Audit Report
Student’s Name
Institutional Affiliation
Course Name and Number
Professor’s Name
Assignment Due Date
Smith Systems Consulting Audit Report
Cybersecurity Laws
Computer Fraud and Abuse Act (CFAA)
One of the laws that Smiths Systems Consulting (SSC) must ensure compliance with is the Computer Fraud and Abuse Act (CFAA) (ICLG, 2020). The CFAA is a statutory requirement for all organizations, which could lead to criminal or civil prosecution if violated. The law prohibits seven acts, among them trafficking in passwords, damaging computers recklessly or intentionally, and knowingly accessing protected computers with the intent to defraud (ICLG, 2020). As a consultancy company, SSC is entrusted with the task of streamlining organizations’ systems. However, if SSC violates this trust, it may be in breach of the CFAA. For instance, given one of the company’s services is developing systems, it is easy for SSC to traffic passwords and use them to access clients’ computers with the intent to defraud.
Electronic Communications Protection Act (ECPA)
Another law that SSC has to comply with is the Electronic Communications Protection Act (ECPA) (ICLG, 2020). This Act protects all electronic communications in storage or transit. Electronic communications include emails, online payments, and any other form of online transaction. Given SSC’s expertise with database design and development services, the company can easily access confidential and private information within its clients’ databases (Smith Systems Consulting, 2021). This information can then be used to extort clients, leading to criminal prosecution (ICLG, 2020). To avoid this, therefore, SSC has to ensure strict compliance with the ECPA.
Elements of Cyber Readiness
Yourself
Among the six elements of cyber readiness, the CFAA would support “Yourself” (Cybersecurity & Infrastructure Security Agency, 2021). SSC would stand to lose greatly if the CFAA was violated. For instance, if the company engaged in the trafficking of passwords with the intent to defraud, they would be liable to criminal prosecution. If an individual employee has committed the act under SSC, the case would still be brought against the company. The company’s failure to ensure its employees complied with the CFAA would be viewed as negligent behavior. In addition, the company’s reputation would suffer greatly once the information became public. Therefore, the company has to take all the necessary measures to ensure it complies with the CFAA.
Your Staff
The ECPA would support “Your Staff” (Cybersecurity & Infrastructure Secu...
You Might Also Like Other Topics Related to human trafficking:
- Crime Nexus and The U.S. And International Coordination6 pages/≈1650 words | Chicago | Life Sciences | Essay |
- Contemporary Victimology1 page/≈275 words | APA | Psychology | Essay |
- Counterintelligence and Narcotics8 pages/≈2200 words | Chicago | Life Sciences | Research Paper |
- Center for Countering Human Trafficking 2 pages/≈550 words | APA | Social Sciences | Essay |
- Understanding the Importance of Having a Strategic Partner1 page/≈275 words | APA | Management | Essay |
- Identifying Various Narcotics6 pages/≈1650 words | Chicago | Life Sciences | Essay |
- Human Trafficking, Gender Inequality, and Globalization 3 pages/≈825 words | APA | Social Sciences | Essay |