Question

Software security:

Assume you are performing preliminary security risk assessment.

1. The first step in performing a preliminary risk assessment is asset identification. List down three

assets you identify in an in-store automated supermarket shopping system when conducting

the preliminary risk assessment.

2. Identify two possible security risks associated with an in-store supermarket shopping system and

propose a system requirement that might reduce each of those risks.

Answer 1

1.) Assets identification while performing risk assessment and three assets you identify in an in-store super market shopping system :-

• Assets identification while performing risk assesment can include --
• Inventory and profit -- The super market calculates its annual profit and substract its annual reveue from annual operating expenses.
• In the end of the year the inventory contributes to the amount of profits that the super market shopping system reports by lessing value of expenses.
• Inventory and balance sheet -- Inventory can be reflected as an assets on super market shopping system because the market's balance sheet that represent its future earning potential.
• Inventory and taxes -- The tax from super market shopping system used to report profit and loss includes a section for calculating preliminary profit based on cost of goods sold.
• Three assets you identify in-store super market shpping system --
• Inventory and profit
• Inventry and Balance sheet
• Inventory and taxes

2.) Identification of two possible security risk associated with in-store supermarket shopping system :-

• Inventory damages -- the natural disaster can affect in stor supermarket shoping system.
• the natural disasters damages physical structure, power outages and resulting in product losses.
• so the risk managment strategy should include purchasing commercial property insurance policies which can cover inventory damages.
• Fail to monitor competitors --
• If in-store supermarket shopping system do not have digital presence, it can be difficult to check online to see competing business in your neighborhood, and to check weather they are active on social media or not.
• Purpose system requirment that might reduce each of those risk :-
• in-store supermarket should install physical security system which can be video monitoring equipment, locked display cases for the item which can be easly stolen, Sensor based product tags and lables and the sound of alerts when customer leave the store.
• If most of your competitors are online then you can also consider for marketing consultants and web designer to help shape brand's digital presence.
• Train the employees to identify shoplifters like sign of thives moving in large group, attemt to distract employees, and switch price tag and product packaging to purchase expensive items in chep rate.