Question 1

Information security breaches cost approximately ________ annually.&#10;A)78 million&#10;B)45 billion&#10;C)17 billion&#10;D)100 billion

Accepted Answer

According to a report by the Ponemon Institute in 2019, the average cost of a data breach is around 3.9 million dollars. Based on this average, information security breaches could cost approximately 17 billion dollars annually.

Question 2

Three main goals of information security are to achieve confidentiality, integrity and availability within a HRIS.

Accepted Answer

The three main goals of information security are indeed to achieve confidentiality, integrity, and availability within a HRIS (Human Resource Information System) or any other information system. Confidentiality refers to protecting sensitive information from unauthorized access and disclosure, integrity involves maintaining the accuracy and consistency of data, and availability means ensuring that authorized users can access the system and its data when needed. These three goals together are commonly known as the CIA triad of information security.

Question 3

According to Kovach and Tansey (2000)________ is one of the four elements of privacy that is defined as the right to control one's personal information, including the methods of dissemination of that information

A)Solitude
B)Anonymity
C)Intimacy
D)Reserve

D

Accepted Answer

According to Kovach and Tansey, Reserve is one of the four elements of privacy that refers to the right to control one's personal information, including the methods of dissemination of that information. Solitude refers to the right to be left alone, Anonymity refers to the right to remain unidentified or unrecognized, and Intimacy refers to the right to have control over intimate aspects of one's life.

Question 4

Information security issues are solely the responsibility of the IT Department and IT managers.

Accepted Answer

While the IT department and IT managers play a significant role in ensuring information security, it is ultimately the responsibility of all employees in an organization to adhere to security policies and procedures. Executives and managers from other departments must also play an important role in establishing and enforcing security protocols.

Question 5

According to the text, approximately what percentage of employers monitor what employees are posting to external blogs and social networking sites?&#10;A)25%&#10;B)33%&#10;C)75%&#10;D)100%

Accepted Answer

The answer of According to the text, approximately what percentage...

Question 6

Cybercrime and security breaches cost firms an average of $ _______ annually.&#10;A)15, 670&#10;B)6, 990&#10;C)833,000&#10;D)77, 400

Accepted Answer

According to a study by IBM, the average cost of a data breach for a company is $833,000.

Question 7

Viruses, worms and trojans are common external security threats organization and often come in email attachments.

Accepted Answer

Viruses, worms, and trojans are common external security threats for organizations and can often be spread through email attachments.

Question 8

According to Kovach and Tansey (2000)________ is one of the four elements of privacy that is defined as the right to control one's personal information, including the methods of dissemination of that information

A)Solitude
B)Anonymity
C)Intimacy
D)Reserve

Accepted Answer

Solitude is the element of privacy that refers to the right to be alone without disturbances. Anonymity refers to the right to remain anonymous or unrecognized, intimacy refers to the right to have intimate relationships without interference, and reserve refers to the right to keep personal information private.

Question 9

The Personal Information Protection and Electronic Document Act was enacted in __________to support and promote electronic business by protecting personal information that is collected, used, or disclosed in certain circumstances.

A)Canada
B)United States
C)European Union
D)South Korea

Accepted Answer

The Personal Information Protection and Electronic Document Act (PIPEDA) was enacted in Canada in 2000 to protect personal information and promote electronic business.

Question 10

The ISO/IEC 27002 security management process does NOT consist of&#10;A)Administrative/procedural controls&#10;B)Logical/technical controls&#10;C)Physical controls&#10;D)Strategic controls

Accepted Answer

The ISO/IEC 27002 security management process does not include strategic controls. It includes administrative/procedural controls, logical/technical controls, and physical controls. Strategic controls are not specifically mentioned in the ISO/IEC 27002 standard.

Question 11

According to Austin and Darby (2003)it is estimated that security breaches (internal and external)affect _____ of all businesses every year.&#10;A)15%&#10;B)40%&#10;C)75%&#10;D)90%

Accepted Answer

The answer of According to Austin and Darby (2003)it is...

Question 12

A hacker is defined as someone who accesses a computer or computer network unlawfully.

Accepted Answer

The answer of A hacker is defined as someone who...

Question 13

_________ are best described as someone who accesses a computer or computer network unlawfully.&#10;A)Hackers&#10;B)Virus/worms/Trojans&#10;C)Information thief&#10;D)Disgruntled employees

Accepted Answer

The answer of _________ are best described as someone who...

Question 14

According to Kovach and Tansey (2000)________ is one of the four elements of privacy that is defined as the right to control one's personal information, including the methods of dissemination of that information

A)Solitude
B)Anonymity
C)Intimacy
D)Reserve

Accepted Answer

The answer of According to Kovach and Tansey (2000)________ is...

Question 15

Which of the following is considered a common security threat?&#10;A)Human error&#10;B)Damage by employees&#10;C)Hackers&#10;D)All of the above

Accepted Answer

The answer of Which of the following is considered a...

Question 16

Which U.S.state enacted the Security Breach Notification Law? The law requires organizations to notify customers or employees when unencrypted personal information may be compromised, stolen or lost&#10;A)New York&#10;B)Massachusetts&#10;C)California&#10;D)Washington

Accepted Answer

The answer of Which U.S.state enacted the Security Breach Notification...

Question 17

According to Kovach and Tansey (2000)________ is one of the four elements of privacy that is defined as the right to control one's personal information, including the methods of dissemination of that information

A)Solitude
B)Anonymity
C)Intimacy
D)Reserve

Accepted Answer

The answer of According to Kovach and Tansey (2000)________ is...

Question 18

All companies have been affected by computer-based fraud such as data processing or data entry routines that are modified.

Accepted Answer

The answer of All companies have been affected by computer-based...

Question 19

The main goal(s)of information security is/are to achieve:&#10;A)Confidentiality, and integrity&#10;B)Integrity, and availability&#10;C)Confidentiality, and availability&#10;D)Confidentiality, integrity, and availability

Accepted Answer

The answer of The main goal(s)of information security is/are to...

Question 20

Which of the following is not considered a &#34;best practice&#34; that HR managers should consider to secure information security and privacy?&#10;A)Train users on how to securely use and handle the equipment, data, and software.&#10;B)Make backup copies of data files and programs&#10;C)Do not allow passwords to be shared.Change passwords frequently&#10;D)Require employees to take sensitive material home with them so that it is not left at the office.

Accepted Answer

The answer of Which of the following is not considered...

Question 21

Briefly list and describe the important goals/considerations of information security?

Accepted Answer

The answer of Briefly list and describe the important goals/considerations...

Question 22

Governments, at various levels, in most of the developed countries have enacted several laws and regulations to safeguard information security and data protection.Please list and briefly describe 3 such laws discussed in chapter 16 of the textbook.

Accepted Answer

The answer of Governments, at various levels, in most of...

Question 23

Information availability means that the individuals must be able to process and access personal information.

Accepted Answer

The answer of Information availability means that the individuals must...

Question 24

ISO/IEC 27002 (ISO, 2000), is a security management process which focus of technological control of information.

Accepted Answer

The answer of ISO/IEC 27002 (ISO, 2000), is a security...

Question 25

Confidential information must only be accessed, used, or disclosed by authorized users.

Accepted Answer

The answer of Confidential information must only be accessed, used,...

Question 26

Privacy is a human value consisting of four elements that refer to human rights, namely, solitude, anonymity, intimacy and reserve.

Accepted Answer

The answer of Privacy is a human value consisting of...

Question 27

What is meant by information security in HRIS?

Accepted Answer

The answer of What is meant by information security in...

Question 28

Information privacy concerns come to play wherever personally identifiable information is collected, stored and used.

Accepted Answer

The answer of Information privacy concerns come to play wherever...

Question 29

Information security in HRIS pertains to protecting information in the HRIS from unauthorized access, use, disclosure, disruption, modification, or destruction.

Accepted Answer

The answer of Information security in HRIS pertains to protecting...

Question 30

Please list and briefly describe the four elements of privacy..

Accepted Answer

The answer of Please list and briefly describe the four...

Question 31

The value of information is rarely higher than the price of hardware and/or software being used to store that information.

Accepted Answer

The answer of The value of information is rarely higher...

Question 32

While they are relatively uncommon, security breaches can be costly for the organization.

Accepted Answer

The answer of While they are relatively uncommon, security breaches...

Question 33

What are the information security and privacy considerations in the design, development and maintenance of HRIS?

Accepted Answer

The answer of What are the information security and privacy...

Question 34

There are many threats to information security.Please describe five information security threats.

Accepted Answer

The answer of There are many threats to information security.Please...

Question 35

What are some of the best practices that HR managers should consider to secure information security and privacy? Be sure to list at least 5 best practices that were discussed in class as well as in your textbook.

Accepted Answer

The answer of What are some of the best practices...

Question 36

Integrity of information means data must be created, modified, or deleted only by authorized users.

Accepted Answer

The answer of Integrity of information means data must be...

Question 37

If you were an HR manager how would you attempt to combat information security threats?

Accepted Answer

The answer of If you were an HR manager how...

Question 38

Privacy is a universal concept that is viewed similarly in different cultures.

Accepted Answer

The answer of Privacy is a universal concept that is...

Question 39

What are some of the best practices for handling information in HRM/HRIS? Please state 5&#10;best practices for handling information in HRM/HRIS

Accepted Answer

The answer of What are some of the best practices...

Deck 16: Information Security and Privacy in Human Resource Information Systems