Q1 – 25 points From the textbook’s [1] use of concepts and terminology in Chapters 3 to 5, pick the top 10 to 20 of the terms and concepts useful for managing IT risks, providing IT assurance, and utilizing sound Human Computer Interaction (HCI) principles in IT operations. Tell why you have made each choice. (Example terms and concepts include risk, controls, assurance, users, operations, access, etc.)

Q1 – 25 points From the textbook’s [1] use of concepts and terminology in Chapters 3 to 5, pick the top 10 to 20 of the terms and concepts useful for managing IT risks, providing IT assurance, and utilizing sound Human Computer Interaction (HCI) principles in IT operations. Tell why you have made each choice. (Example terms and concepts include risk, controls, assurance, users, operations, access, etc.)

Q2- 25 points You have been promoted to Call Center Director [2] and your organization follows CobiT [1]. Part of your promotion was to recognize your abilities in working in the HCI part of IT that is, working with users, including human factors, ergonomics and user-centered computing. In awarding the promotion, the CIO specifically mentioned that you took better care of the call center reps so they could take better care of the callers. Since user experience is the key to your call center’s success, you want to incorporate that user-centric flavor into the Call Center IT. You see this can be incorporated into the auditing of IT controls that is ongoing within your organization.

Once again you turn to a web search and discover that heuristic evaluation [3, 4] is an approach to user-centered evaluation that will work nicely within the Call Center to evaluate operational effectiveness [1, page 29]. You conclude that through a small (n=6) panel of expert users (expert call center reps), the usability effectiveness of the Call Center’s password policies and procedures can be regularly assessed, and thereby contribute coverage of HCI to IT Assurance. Write a 1 to 2 page plan to complete regular heuristic evaluations of the IT within the Call Center that will contribute to evaluating IT’s operating effectiveness.

Q3 25 points Complete Caselet 5 Software Programs Inc. for the Caselets [5, pages 16-17]. Write at most 4 pages on the 4 questions at the end.

Q4 15 points Have you ever had a major incident with your own IT (virus, attack, loss of data, etc.)? If so, describe it. State whether you implemented any of the advice listed in the textbook [1] and whether it helped you. If you have not had a major IT incident, review and comment on the helpfulness of the advice in the textbook [1] for detecting and/or dealing with an IT incident. Write at most 2 pages.