Benefits Elections System
CMGT/442
June 28, 2011
Jack Komsa
Benefits Elections System
The following paper is documentation for Huffman Trucking Company service request number 001. This documentation purpose is to address all the possible security risk and requirements that will be associated with the implantation of Benefits Elections Systems requested by Keneth Colbert, Director of human resources department. The goal is to present an overview of all the risks that will cause the company reliability if something would happen to employees’ information involving this new system. Also it will include some extra requirements to prevent potential treats and risks.
Huffman attempt to develop this new Benefits Elections System is to track and report all union and non-union employee Health Insurance Benefits. In the developing part of this system it needs to be first planned out totally. This is a major impact on the company risk factory. That means if the project is not well thought out, risk will fall on these four major components; Operating System, Network, Data Store, and Applications.
Concerning the operating systems in a company where there is a new system implanted the risk is high on probability and impact if not well planned. The BES (Benefits Elections System) should be compatible to the company main OS. If otherwise the OS will do one of the following: crash, and open an access point. On the authentication control element side, the identity of all users currently logged onto the system must be internally maintained (GAO, 1998). In the Access Control side, only authorized authenticated users and remote applications may have access (GAO, 1998). In the network authentication, all data passed through the network must identify the originator and recipient (GAO, 1998). Network Access Control must be based on a business requirement (GAO, 1998). Data store needs the identity of all users currently logged onto the system must be internally maintained (GAO,...