Which of the following will MOST effectively help to manage the challenges associated with end user-developed application systems?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
End user-developed application systems (EUDAS) can pose significant challenges for organizations in terms of information security, data integrity, and compliance with legal and regulatory requirements. EUDAS are typically developed by non-IT personnel, such as business users or departments, using tools like spreadsheets, databases, or custom software development environments.
To manage the challenges associated with EUDAS, organizations need to implement a range of controls and practices that can help mitigate the risks. The answer that will MOST effectively help to manage the challenges associated with EUDAS is:
A. Developing classifications based on risk
Developing classifications based on risk involves identifying and classifying EUDAS based on their level of risk to the organization. This approach requires an understanding of the types of EUDAS that are being developed and their potential impact on the organization.
For example, EUDAS that handle sensitive financial data may be classified as high risk, while EUDAS that are used for basic data entry tasks may be classified as low risk. Once the EUDAS are classified, appropriate controls can be implemented to mitigate the risks associated with each category.
This approach allows organizations to focus their resources on the most critical EUDAS and apply controls that are appropriate to the level of risk. By focusing on the most critical EUDAS, organizations can reduce the overall risk associated with these systems and minimize the impact of any security breaches or compliance violations.
B. Introducing redundant support capacity
Introducing redundant support capacity involves creating duplicate or backup systems to ensure that critical EUDAS are always available and operational. This approach can help mitigate the risks associated with EUDAS downtime or system failures.
While redundant support capacity can be an effective control, it can also be expensive and time-consuming to implement. In addition, it may not address other risks associated with EUDAS, such as data integrity or compliance issues.
C. Prohibiting creation of executable files
Prohibiting the creation of executable files can help mitigate the risks associated with malware and other malicious software that can be embedded in EUDAS. This approach can be effective in reducing the risk of malware infection, but it may also limit the functionality of EUDAS and prevent users from developing custom solutions that meet their specific needs.
D. Applying control practices used by IT
Applying control practices used by IT involves implementing the same controls and practices used for traditional IT systems to manage the risks associated with EUDAS. This approach can be effective in reducing the risks associated with EUDAS, but it may also be expensive and time-consuming to implement.
In summary, developing classifications based on risk is the MOST effective approach to managing the challenges associated with EUDAS. This approach allows organizations to focus their resources on the most critical EUDAS and apply controls that are appropriate to the level of risk.