Kudler Fine Foods Information Security

...

factors are highly significant especially because the company deals with sensitive customer information on a daily basis. This comes with the comprehension that it is significant that every employee remains cognizant of the fact that the hazards the company might face must also be included in the entire equation in the process of developing safeguards for the shopping system. As the risks increase, stratagems must be created that will incorporate elements of risk mitigation, risk assignment and also risk avoidance as important counter measures for any potential malicious threats.

Kim and Solomon, (2012) stated that education for the employees is also important as it will mainly involve risk mitigation of the entire system. Risk mitigating utilizes numerous controls in the process of reducing identified risks. At most times, these checks are primarily physical, technical and also administrative. An example of a risk mitigation instrument is an antivirus application which will significantly reduce the hazards of obtaining an infected document. Risk mitigation, as stated earlier, involves development steps of mitigation plans that are created to manage, eliminate or decrease the risk to a considerable level. Lack of training can result in incorrect data entered or lost, and the worker might not have a clear perspective of how the shopping program works. Also, the business must also make considerations on obtaining employee theft insurance policies with bonds issued on workers that handle a particular amount of assets.

All employees must have individual passwords and logins to ensure that the inputted data is done in a timely and accurate manner. The workers must also be required to take vacations and allow other employees to take over their responsibilities which will decrease the hazards of impropriety. A backup procedure which was earlier mention must also be incorporated which will now focus on the procedures and policies that will be utilized in safeguarding the data against power outages or incidents such as natural disasters that might destroy a considerable amount of relevant information.

System allocation will also occur since it involves the process of developing a server system that can adequately hand the estimated values of clients that might sign up for the program. It takes only a few customers in the process of making or breaking a server system that stores and also enhances the accessibility of customer data. It becomes a priority to have the backup equipment to avoid redundancies especially in situations where the hardware does not hold. Individually, the hardware lacks the capability of performing the necessary tasks of the system. Therefore, before implementation of the shopping system is completed, compatible software must be installed on the server system. The software will be cloud based and therefore, any registers that are available can access the data. These entries must be updated or replaced to support the newly developed software suite

Killmeyer, (2006) asserted that the cloud system would ensure that if there are some failures in the hardware, the data requests can be correctly redirected to a different redundant system. After the software and hardware are ready, the system must be tested with the data load. This process ensures that the system will not malfunction during the original host of the implementation, and therefore the data of the customers will not be lost in the system. When the shopping system is ready to be provided to the customers, the client’s data can now be entered into the system servers and also information concerning the release of the system will also be done. The customers can now gain access to the shopping program through the internet or in the systems of the store through the cloud server system.

Auditing

Information technology has become highly sophisticated. Kudler Fine Foods can implement various audit tools that can increase the assurance and trust especially in their relationship with their consumers, stakeholders and also suppliers. Audits of financial information and internal controls must be done on an annual and semi-annual basis. Moeller, (2005) stated that this audit must be conducted by a professional that has no influence in the business and must include relevant recommendations in the management on the improvement processes and practices necessary for the efficiency and effectiveness of the protection measures.

The organization can conduct audit trails which assist an enterprise through providing individual accountability. This is done through making it possible to view when the user did something incompetent. An audit trail is valid especially in the occurrence of a particular error made and also the log will make it possible to reestablish what might have caused this incompetency. Therefore, the company would gain knowledge if this error was made by the system, the user or the software. Through the implementation of an automated policy management instrument, the enterprise can have sufficient audit logs of the workers as they interact which will be conducted in an automatic way.

Future Audit Provisions

The requirements necessary for future audit provisions that the employees can use in the validation of the security strategies in the system are that they must have the ability to be used effectively by the internal workers for the sole purpose of serving the security system. This is an essential requirement, however; some audit provisions may provide inaccurate data that will not assist the employees as the safety of the company and make proper improvements needed. An example is if a company’s audit located numerous security vulnerabilities but did not specifically point them out comprehensively, the employees might have a tedious time in applying the audit to be useful to the security system. Audit provisions must ensure that the integrity of the system is maintained. Also, they must inform the company entirely for future application (Bagranoff, Simkin, and Strand Norman, 2008). Audit provisions must be made consistently depending on when and how often the organization needs them. Having audits in a quarterly basis every year will enable the workers to utilize them effectively to change and improve the company for greater success. After an audit has been submitted, the workers can assess the audit to view if there are excellent information such as security threats or vulnerabilities so that they can notify the management concerning these issues and correct them as fast as possible

Another requirement for provision of audits to be effectively utilized in the future is ensuring that they follow the necessary audit regulations so that they can be comprehended efficiently and also quickly. If the company trains their employees in a particular