...INTRODUCTION CEO duality happens when the same person occupies both the CEO and chairing the board in a corporation. On the other hand, if different individuals serve in these two pivotal positions, the firm can be said to adopt a separate leadership structure. The fundamental question surrounding CEO duality leadership is whether the chairperson‘s position should be filled by the CEO or by a different person (Daily & Dalton, 1997). The all round concern has been whether one person‘s positioning at the corporate pivotal positions of CEO and board chairperson weakens corporate governance effectiveness, leading to managerial opportunism and resulting in reduced firm performance (Brickley, Coles, & Jarrell, 1997; Finkelstein & D‘Aveni, 1994). From the agency theory perspective, having one individual in charge of both management implementation and control is not consistent with the concept of checks and balances. However, from an organization theory perspective, CEO duality may enhance organizational efficiency in corporate leadership. Most theoretical arguments against the practice of CEO duality leadership have centered on the issue of power concentration on dual CEO (Brockmann, Hoffman, Dawley, & Fornaciari, 2004; Daily & Dalton, 1997). Duality has been described as a concentration of power on the dual CEO, enabling dual CEOs to dominate the board, reducing board effectiveness in monitoring and controlling the management’s performance. CEO duality leadership...
Words: 7682 - Pages: 31
...Roles and Responsibilities of Security Manager 1. Crime Prevention and Investigation 2. Responsible for maintaining a secure environment through ensuring the security of the physical hotel plant. 3. Act as liaison between hotel and any governmental agencies such as police, fire and any safety regulatory bodies. 4. Establish and maintain procedures to reduce any internal theft/losses. 5. Establish and maintain procedures for the escort of employees transporting large sums of money. 6. Establish and maintain policy for employee locker control. 7. Establish and maintain policy for spot checks of employees carrying parcels when departing hotel property to ensure only employee personal property is leaving. 8. Establish and maintain systems/procedures to ensure that both regular and irregular patrols of entire complex are completed to maximum potential. 9. Ensure that all reports are completed properly and in a timely manner so as to ensure that all matters are duly communicated and all necessary actions are commenced as soon as required. 10. Coordinate investigation of all act of crime, or any losses incurred against by guests, patrons staff, and hotel company in order to determine those responsible and proceed with any necessary prosecution/recover of losses. 11. Must learn to personally conduct door lock readings, CCTV surveillance equipment, etc, in order to handle sensitive investigations. 12. Maintain control of departmental keys...
Words: 776 - Pages: 4
...Security Manger’s Role 2/8/14 SEC 310 Just as any other role in an organization, you need to set yourself goals and standards for yourself and your company. Without any of these, nothing can get accomplished. If you do not give yourself a bar to reach for, you are basically sitting in a stagnant place. A security manager, just like any other management position has objectives they must complete. Just as the title says, their main goal is to identify what the assets of the organization are and to form and develop a plan that will protect what is most valuable to their organization. Without any of this, their position would be pointless. This position can cover organizations of all sizes. From a small mom and pop organization to a large corporate worldwide organization, they still have the same goal in mind, and that is to keep the organizations assets protected. As a security manager there are levels below them that can help to address the issues such as loss prevention officers and a security risk department. The first goal for any organizations security manager would be to establish an organizational structure. Without the implementation of this then there would be no order of execution for getting tasks done (Ortmeier, P, 2013). Organizing things from the largest task to the smallest task would be a good start. Some of these tasks are going to be repetitive at times, and grouping some of the similar tasks together would be helpful to get things done...
Words: 1159 - Pages: 5
...systems and internal controls work properly. Some other IT auditors work for CPA firms that provide auditing services, and are required to travel to evaluate the information systems of clients. For the most part IT auditors work independently, but when they are assigned to larger and/or complicated projects, they use the collaboration of other peers. James Reinhard, CPA, CIA, CISA, manager of Simon Property Group Inc. who has more than 20 years’ experience in IT and integrated auditing states that “The ideal IT auditor should be able to discuss IP routing with the network folks in one hour and financial statement disclosures with the controller in the next” (Scharf, 2008). To become the ideal IT auditor IT audit certifications are the best option. IT audit certifications have become preferred requirements from employers and government organizations because of reliability, reason why employers put more emphasis in recruiting IT auditors with a professional certificate. When preparing to obtain a certification, students learn about standards and regulations and how to implement them to security assessments and internal controls. There are many...
Words: 5614 - Pages: 23
...TABLE OF CONTENTS Introduction 1 Purpose 1 Methodology 1 Organization_______________________________________________________________ 2 Body 2 Computer Forensics 2 Internet Security 2 Conclusion_________________________________________________________________ 4 Sources 5 Introduction In this report I will be writing on two jobs: computer forensics and information Security. I am writing on these two due to the fact that these are two job considerations for my degree. I will be discussing benefits of each job, average pay, and description of each job. I will take time to go into detail into each of the jobs that I would like to have. I will be going into the origin of each job, degrees required for each job, and the different fields that these jobs cover. Purpose The purpose of this report is to educate others and myself on what these two jobs are about. To better inform others of the importance of each of these jobs in the digital world. It will hopefully allow others to have a better understanding of the two jobs that I have chosen. There are many things about each of these jobs that people would deem as boring or not interesting, but the digital world is a very interesting place. It is like another world laid on top of this one, there but just out of reach unless you have the technology to access it. There are many things one can gleam from the internet and the digital world, and I will expound upon...
Words: 1629 - Pages: 7
...050- to 1,400-word paper explaining the role of a security manager within different organizations, including their role in achieving the larger organization’s goals. Describe how the security manager’s role is crucial to protecting the security needs of an organization. Identify key responsibilities and why they are vital. Use at least three references from the reading assignment, Internet articles, Electronic Reserve Readings articles, or industry journal articles to support your paper. Cite your sources. Explain 1. the role of a security manager 2. managers in different organizations 3. How security managers role is crucial to protect the organization 4. Identify key responsibilities 5. Why are their responsibilities vital? The role of a security manager within different organizations may differ in a few aspects, but all in all, that person’s role is extremely crucial and vital for the organization to maintain its objective and reach its goals. The end point of a security manager’s goal is ultimately to protect the security needs of the organization. We may see this in the role of the security manager of TSA (Transportation Safety Administration) as well as in the role of a private security firm such as Gaven de Becker & Associates. While the security manager of TSA has the responsibility of assuring the protection of the security of traveling citizens at airport terminals, the responsibility of a security manager at Gaven de Becker will be focused on a...
Words: 272 - Pages: 2
...In order to better serve Riordan Manufacturing’s information security infrastructure, a solid plan must be put in place to ensure that the approach to its implementation is logical, easy to follow, and effective. Many aspects must be considered when formulating an information security policy, including the needs of the company vs. best practice, thus striking a delicate balance between both variables. Therefore Smith Systems Consulting is dedicated to ensuring that a quality service is delivered that will meet these objectives. However, before a more comprehensive plan can be put into place, it is important that Smith Systems Consulting understands exactly how the security plan will be managed, and how to enforce it on the most basic level. It is therefore the opinion of our company to begin by defining a simple, yet utterly crucial part of Riordan’s base information security policy: separation of duties via the practice and implementation of role assignments. Separation of duties, in information technology, is the practice of dividing both IT staff and end users into managed groups, or roles. While users and IT staff, from an administrative level, may fall into several groups (ex., Accounting Department, Maintenance, Security, etc), these groups are not enough to enforce proper security policy. A more comprehensive approach is to define what the base access is for all of these groups, thus the use of roles. Roles basically define what level of system access each user and user...
Words: 1690 - Pages: 7
...mountainview-itsm.com Goals, Activities, Inputs, Outputs and Roles To collect, analyze, process relevant metrics from a process in order to determine its weakness and establish an action plan to improve the process. Activities 1 Define what you should measure 2 Define what you can measure 3 Gathering the data 4 Processing the data 5 Analyzing the data 6 Presenting and using the information 7 Implementing corrective action Repeat the Process Inputs Each activity has inputs Outputs Each activity has outputs Roles Process Owner, Service Manager, CSI Manager, Service Owner Knowledge Management Process Owner Reporting Analyst Service Measurement and Reporting Goal To monitor services and report on improvement opportunities Activities Service Measurement •Objective (Availability, Reliability, Performance of the Service) •Developing a Service Measurement Framework •Different levels of measurement and reporting •Defining what to measure •Setting targets •Service management process measurement •Creating a measurement framework grid •Interpreting and using metrics •Interpreting metrics •Using measurement and metrics •Creating scorecards and reports •CSI policies Service Reporting •Reporting policy and rules Inputs SLA Targets, SLRs, OLAs, Contracts Outputs Service Improvement Program, SLAM Reports Roles Process Owner, Service Manager, CSI Manager, Service Owner Knowledge Management Process Owner Reporting...
Words: 4361 - Pages: 18
...Introduction to the Management of Information Security Chapter Overview The opening chapter establishes the foundation for understanding the field of Information Security. This is accomplished by explaining the importance of information technology and defining who is responsible for protecting an organization’s information assets. In this chapter the student will come to know and understand the definition and key characteristics of information security as well as the come to recognize the characteristics that differentiate information security management from general management. Chapter Objectives When you complete this chapter, you will be able to: • Recognize the importance of information technology and understand who is responsible for protecting an organization’s information assets • Know and understand the definition and key characteristics of information security • Know and understand the definition and key characteristics of leadership and management • Recognize the characteristics that differentiate information security management from general management INTRODUCTION Information technology is the vehicle that stores and transports information—a company’s most valuable resource—from one business unit to another. But what happens if the vehicle breaks down, even for a little while? As businesses have become more fluid, the concept of computer security has been replaced by the concept of information security. Because this new concept covers a...
Words: 2580 - Pages: 11
...Build a Web Applications and Security Development Life Cycle Plan What are the elements of a successful SDL? The elements of a successful SDL include a central group within the company (or software development organization) that drives the development and evolution of security best practices and process improvements, serves as a source of expertise for the organization as a whole, and performs a review (the Final Security Review or FSR) before software is released. What are the activities that occur within each phase? Training Phase- Core Security Training Requirements Phase- Establish security requirements, create Quality Gates/Bug Bars, perform Privacy Risk assesments. Design Phase-Establish Design Requirements, perform Attack Surface Analysis/Reduction, use Threat Modeling Implementation Phase- Use approved tools, Deprecate unsafe functions perform static analysis Verification Phase- Perform Dynamic Analysis, Perform Fuzz Testing, Conduct Attack Surface Review Release Phase- Create an incident Response Plan, Conduct Final Security Review, Certify release and archive Response Phase- Execute Incident Response Plan Phase Activities Roles Tools Requirements - Establish Security Requirements -Create Quality Gates/Bug Bars -Perform Security and Privacy Risk Assessments -Project Managers -Security Analysts -Microsoft SDL Process Template for Visual Studio Team System - MSF-Agile + SDL Process Template Design -Establish Design Requirements -Perform Attack Surface...
Words: 2006 - Pages: 9
...Services D. Active Directory Rights Management Services AD FS is composed of three different server components: Federation Server, Federation Proxy server, and ADFS Web Agents. A federation server is the main AD FS component, which holds the Federation Service role. These servers route authentication requests between connected directories. A federation proxy server acts as a reverse proxy for AD FS authentication requests. This type of server normally resides in the demilitarized zone (DMZ) of a firewall, and is used to protect the back-end AD FS server from direct exposure to the untrusted Internet. The Web Agents component of AD FS hosts the claims-aware agent and the Windows token-based agent components that manage authentication cookies sent to web server applications. The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol directory service. It provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services. Active Directory Certificate Services provides customizable services for issuing and managing public key infrastructure (PKI) certificates used in software security systems that employ public key technologies. The digital certificates that AD CS provides can be used to encrypt and digitally sign electronic documents and messages. These digital certificates can be used for authentication of computer, user, or device accounts...
Words: 1307 - Pages: 6
...that can be installed on Windows Server operating systems to provide users with Single Sign-On access to systems and applications located across organizational boundaries. It uses a claims-based access control authorization model to maintain application security and implement federated. Claims based authentication is the process of authenticating a user based on a set of claims about its identity contained in a trusted token. Such a token is often issued and signed by an entity that is able to authenticate the user by other means, and that is trusted by the entity doing the claims based authentication. In AD FS, identity federation is established between two organizations by establishing trust between two security realms. A federation server on one side (the Accounts side) authenticates the user through the standard means in Active Directory Domain Services and then issues a token containing a series of claims about the user, including its identity. On the other side, the Resources side, another federation server validates the token and issues another token for the local servers to accept the claimed identity. This allows a system to provide controlled access to its resources or services to a user that belongs to another security realm without requiring the user to authenticate directly to the system and without the two systems sharing a database of user identities or passwords. Another function is Microsoft Active Directory Lightweight Directory Services (AD LDS) is an independent...
Words: 1556 - Pages: 7
...Human Resources Information Security Standards Human Resources Information Security Standards Standards August 2009 Project Name Product Title Version Number Human Resources Information Security Standards Standards 1.2 Final V1.2 Final Page 1 of 10 Human Resources Information Security Standards Document Control Organisation Title Author Filename Owner Subject Protective Marking Review date Wokingham Borough Council Human Resources Information Security Standards Steve Adamek, Head of Business Systems G\Government Connect\WBC Policies Head of Business Systems IT Policy Internal Public April 2010 Revision History Revision Date Revisor Previous Version Description of Revision V2.1 V2.2 V2.3 V2.4 V1.0 V1.1 V1.2 Laura Howse Laura Howse Steve Adamek Laura Howse Laura Howse Laura Howse Laura Howse 2.0 2.1 2.2 2.3 2.4 1 1.1 Updated to include WBC references Updated to incorporate WBC changes Updated to incorporate Unison changes Updated to incorporate Unison changes Final Version Updated to include feedback from Human Resources Updated to include feedback from Human Resources Document Approvals This document requires the following approvals: Sponsor Approval Name Date Director of Transformation General Manager for Business Services & Section 151 Officer Head of Business Systems Deputy Head of Human Resources Computacenter Service Manager (Outsourced IT Provider) Document Distribution Andrew Moulton Graham Ebers Steve Adamek Maureen Vaughan-Dixon...
Words: 2757 - Pages: 12
...AIR TRANSPORT MANAGEMENT AND OPERATIONS David Lambert Air Transport Management and Operations Contents Introduction - Page 3 Principles of Management – Page 4 Human Resource Management – Page 9 Safety and Security – Page 14 References – Page 18 Introduction All companies and organisations are interested in producing profits, increasing market share and growing the range of products and services that they provide. In order to achieve these goals effective management within the organisation is required. In a general terms management is comprised of ‘top management’, ‘middle management’ and ‘operating management’. However when organisations reach the size of today’s major carriers these definitions can become fully define and a larger framework is required. When the air transport industry was in its infancy management was a much simpler process with smaller teams and shorter communication paths between levels within the organisation. In recent years major carriers have come to employ tens of thousands of people reducing the importance and sense of contribution anyone employee has within the structure. Lines of communication have stretched between decision-making and the ground worker removing a sense of teamwork and a confusion of the ultimate goals of the airline. In the highly competitive world of air transport creating and maintaining an efficient...
Words: 3784 - Pages: 16
...drives are not responding as quickly as advertised. What can you do? Answer: b. Ensure that the DMA transfer mode is configured for the drives. 2. Each time that you access files on a disk, the monitor blinks or goes blank for several seconds. What might be the source of the problem and possible solution? Answer: d. There is an IRQ conflict and you need to use Device Manager to resolve the problem. 3. You have just used the servermanagercmd command to install two server roles. Which of the following commands can you use now to verify that the roles are installed? Answer: a. servermanagercmd -query 4. You want to confirm how space is allocated on the disk drives installed in your server. Which of the following tools enables you to do this? Answer: c. Server Manager 5. Which of the following can be installed using the Add Hardware Wizard? (Choose all that apply.) Answer: a. CD/DVD drive, b. keyboard, c. monitor, and d. disk drive 6. You’ve obtained a new driver from the Internet for your server’s NIC. What tool enables you to install the driver? Answer: a. Device Manager 7. You have noticed lately that your server is running very slowly, especially when switching between programs. You see that the C: partition is running low on space, limiting the size of your paging file. You have a second partition, D:, that has 100 GB of free space. How can you move the paging file from partition C: onto partition D:? Answer: c. Configure it from...
Words: 2853 - Pages: 12
