Describe the responsibilities related to the handling of data as it pertains to legal, ethical and/or agency auditing issues.

Assessment Description

In today's world, the ever-changing social media and digital environments require professionals to have a solid foundation in law and ethics. As a future InfoSec professional, you will be required to understand the scope of your organization's legal and ethical responsibilities. Your role will be critical in helping to control the organization's liability for privacy and security risks.

Prior to beginning this assignment, view "Compliance: Law, Ethics, and Digital Forensics" within the "Video Playlist: Policy Management for Security Solutions," located in the Class Resources.

In 1,500–1,700 words, address each item below to demonstrate how one would build a reliable, ethical, and legal information system that businesses and consumers can trust.

Part 1

As the computer forensics industry is growing, consider how the methods for handling computer crimes differ from traditional methods. Make sure to address the following:

1. What is the purpose of digital forensics?
2. Explain why is it important for any organization to sustain a permanent digital forensics team?
3. In digital forensics, must all investigations follow the same basic methodology? Justify your rationale and explain the steps involved in this methodology.
4. In relation to digital forensics, list the applicable laws and policies related to cyber defense and describe the major components of each pertaining to the storage and transmission of data. Note: This information can be presented in a table or chart.
5. Using the organization you selected in Topic 1, discuss the legal rights of the organization or the user to perform forensic investigations on personal mobile devices that are part of your BYOD policy.

Part 2

In many situations, multiple levels of government must work in partnership when ensuring security compliance. For each scenario, research and understand the Federal, State and Local Cyber Defense partners/structures. Then, identify the applicable law(s) it would fall under, as well as describe how the type of legal dispute (civil, criminal, private) affects the evidence used to resolve it. Note: This information can be presented in a table.

1. Transmission of underage photographs to various email addresses in CA, AZ, and CO
2. Colonial Pipeline Hack
3. Victim's identity used to open a new account
4. Bank fraud/scam
5. A firm's credit card records are stolen
6. Several cyberattacks penetrated several U.S. federal organizations
7. Financial scandal
8. Financial institutions refuse to disclose their privacy policies to their customers
9. Patients' information is stolen
10. A candidate is not selected for employment due to a disability

Part 3

When providing information assurance, a sound defense strategy does not only look at the legal aspects but also the ethical abuses of abilities on the job.

1. There are three main categories of unethical behavior that organizations must seek to minimize: Ignorance, Accident, and Intent. From your professional/personal experience, provide example(s) for each of the categories of some best practices for how to prevent such activities from happening.
2. What happens when a job task borders on unethical from your personal viewpoint? Is your response to the issue any different than what you discussed above? What behaviors/tasks would an organization find acceptable where your personal viewpoint may not? Select 2-3 scenarios and discuss how you would address them from a Christian worldview. Consider Matthew 18:15-18. How could you apply this to a workplace scenario?
3. Refer to the ISACA codes of conduct. Describe the responsibilities related to the handling of data as it pertains to legal, ethical and/or agency auditing issues.
4. InfoSec professionals are under increasing pressure to provide global access to information/data without sacrificing security. Explain how the following can be used to manage security in your company's network: a) Firewalls, B) IDS, and C) IPS. Justify your rationales. Make sure to address how security practices, methods, and updates have been improved over time to address current global needs.

Prepare this assignment according to the guidelines found in the APA Style Guide, located in the Student Success Center. 

This assignment uses a rubric. Please review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.

You are required to submit this assignment to LopesWrite. A link to the LopesWrite technical support articles is located in Class Resources if you need assistance.