logo

Information Security Audit: Trump Hotel

18 Pages2377 Words269 Views
   

Added on  2023-04-06

About This Document

This document represents the findings from our information security audit of Trump hotel as contracted by the management. The audit reviewed the key information security control framework, the policies, and standards surrounding the information security, systems and applications currently being used by the Hotel and lastly the network infrastructure of the Hotel.

Information Security Audit: Trump Hotel

   Added on 2023-04-06

ShareRelated Documents
Information Security Audit: 1
Information Security Audit Plan of Trump Hotel
by [Student Name]
Foundation Course – [Course Name]
Tutor: [Tutor]
[Institutional Affiliation]
[Department]
[Date]
Information Security Audit: Trump Hotel_1
Information Security Audit: 2
Executive summary
This document represents the findings from our information security audit of
Trump hotel as contracted by the management. The audit reviewed the key
information security control framework, the policies, and standards surrounding the
information security, systems and applications currently being used by the Hotel and
lastly the network infrastructure of the Hotel. This was in line with the recent
cybersecurity attack which led to massive data loss at the company. The audit
highlighted some key risks and made a key recommendation to the board and shown
below
Risk Level Impact Control Control
Types
Resources Justification
Data Loss High High Have backup
procedure in
plac
Prevetion Backup
Cloud
provider
subscription
This will ensure
data is always
available in
secondary
sources
Impersonificatio
n
High High Have three
factor
authenitifcatio
implemented
by use
Biometrics
Corrective Biometric
identfifctaion
devices
This will greatly
reduce chances
of personell
impersonification
System failures Medium High Have strict
software
update
Mitigate Publication
of update
procedures
This will ensure
the procedure is
well
Information Security Audit: Trump Hotel_2
Information Security Audit: 3
policies,
antivirus
programs up
to date, SLA
reviewed to
include onsite
support level
disseminated
Denial of Service High High Have
redundant
sites cold site
to house
critical
business
processes in
case primary
one is under
DDOS attacks
Preventive Building a
remote cold
site
To ensure
business
continuity in case
primary site is
under DDOS
attack
Compliance risks Low Medium Review and
update
policies,
procedure,
and standards
to ensure
compliance
with federal
Mitigation Review and
publication
of IT
standards
To ensure
effective
compliance
Information Security Audit: Trump Hotel_3
Information Security Audit: 4
laws
Insider threats Medium Medium IDS and IPS
installation to
automate log
review
Preventive Installation
of IDS and
IPS
To the prevent
success of
impersonification
attacks
Legal risks Medium Medium
Background Information
The Trump International Hotel is a luxurious Hotel build of the Condominium
type that is located Las Vega, Nevada state. The Hotel boast of two restaurants, that is
the Developers and the poolside world-class restaurants. The Hotel building currently
is the tallest building now in Las Vegas. Being affiliated to the United States
president, the Hotel has had the privileged to host presidents from other parts of the
world who conglomerate at the Las Vegas city for International relations task. The
key systems used by the hotel including the SAP enterprise management system
which manages the Hotel at the enterprise level. The key systems in the SAP ERP
include the Booking system, checking system, checkout system, order system,
payment system, payroll system, and supply chain system all link to the other
branches of the Hotel.
The technological innovations and advancement of the Hotel and affiliation to
the US president has made it a cyber-security target which has in the past hit the
Hotel and data about guests potentially breached. It is with this regard that we
were consulted to offer external auditing expertise and audit the organization in
Information Security Audit: Trump Hotel_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
BSBADM504 : Plan and Implement Administrative Systems
|14
|2300
|22