My Philosophy Of Teaching Literacy - 3052 Words

Jennifer Blalock Philosophical Statement: My Philosophy of Teaching Literacy CTGE 5549: Carol Manocchi My Philosophy of Teaching Literacy Defining Literacy I am currently a high school teacher of Living Environment in a public school in the Bronx. Over 80% of the students at my school are on reduced lunch. Additionally, over 98% of my students are Latino/Hispanic and African American. As I come to define what literacy means to me as a teacher, I begin to come to realize that my own definition of literacy is highly influenced by my personal experiences in life. I grew up in a single parent home in a rough part of town and attended a school that was majority Latino/Hispanic and African American throughout my academic career until I reached college. The university where I attended was the complete opposite: most of the students were white with only a handful of students of other ethnicities. While in college, I remember being self-conscious about my ability to both read and speak. Public speaking was one of my phobias during my undergraduate career. I noticed that all of my white colleagues were articulate with their speech and never seeme d to stumble over words. Myself on the other hand, I struggled with certain root words and for that reason I never wanted to speak out in class. However, I believe the most frustrating part of this whole experience was the lack of understanding from my colleagues. For them, reading and speaking was something that justShow MoreRelatedTeaching Philosophy and Rationale1001 Words   |  4 PagesPart 1: Teaching Philosophy and Rationale In designing a teaching philosophy and rationale, it is important to recognise at the outset that students or learners have different abilities, needs, cultural backgrounds and learning styles. Positive attitudes are sustained when classroom approaches centre on learning and not on teaching. For them to acquire knowledge and skills, they like to be engaged and encouraged where they partake in the processes of their learning despite their cultural diversitiesRead MoreMy Personal Statement For Teaching Reading772 Words   |  4 Pagescourse and specifically searching for the modules that have given me the most information, taught me something new or expanded my knowledge on a specific topic of reading, I have come to realize how far I have come since I began this adventure. I began these courses after graduating from Marshall with my bachelors. I chose this path because of my love for reading and teaching reading. I have come to realize that these courses have enabled me to become a m ore effective reading teacher and I now haveRead MoreEssentialism is an educational philosophy in which it is important to â€Å"promote and instill cultural600 Words   |  3 PagesEssentialism is an educational philosophy in which it is important to â€Å"promote and instill cultural literacy in all students† (Morrison, 2009, p.338). Teachers only teach the basic skills that they think are necessary for educational and cultural growth. I noticed several things throughout my experience with the school system which leads me to suggest that our school system is based on the philosophy of essentialism. Essentialists believe that a curriculum that develops cultural literacy and basic skills isRead More Educational Philosophies Essay1574 Words   |  7 PagesEducational Philosophies Many different ideas of the correct educational philosophy exist. Highly acclaimed psychologists and educators developed these varying philosophies. Each of these philosophies have their strengths and weaknesses and have their positives and negatives in different situations. It is our job as educators to sift through this list of philosophies to find our own style and philosophy. We must research the pros and cons of each philosophy and pick and choose which sectionsRead MoreTeaching Literacy Strategies For Developing Literacy974 Words   |  4 PagesLiteracy instruction should provide students with a variety of opportunities to read, write, listen, and speak. Getting to know my students is extremely important to me because I believe students’ interests need to be considered when developing literacy lessons. It also helps when choosing books to read aloud to the class and when choosing books for the class library. I believe in scaffolding my lessons and using the different strategies that we learned about in class. I will use many of the strategiesRead MoreI Am A Great Philosophy Of Education1104 Words   |  5 PagesTeachers need a great philosophy of education, which includes a great philosophy of literacy. The philosophy of literacy contains two parts, which are the philosophy of reading and the philosophy of writing. Every teacher has their own belief in what constitutes a great literacy program. â€Å"Balanced reading is deep-rooted in the belief that teachers should constantly be aware of student individual needs and progress† (Bennett, n.d.). I will be discussing my philosophy of reading and my beliefs on what constitutesRead MoreA Personal Philosophy Of Education869 Words   |  4 Pageshealthcare field continues to evolve so must the nursing education system. Personal Philosophy of Education A personal philosophy of education is important to all Nurse Educators. It allows for the Nurse Educator to truly take time to reflect and reconnect to themselves and their profession; highlighting what is central and sacred to them as an individual, a nurse, and an educator. I believe that my personal philosophy of education will continue to progress and change just as healthcare and our educationalRead MoreLiteracy Is The Cornerstone For All Learning926 Words   |  4 PagesLiteracy is the cornerstone to all learning; it is imperative to future academic success. (Tracey and Morrow, 2012). Due to the significance of literacy instruction, there are a myriad of ways to teach literacy. Literacy is a complex subject, honing in on balancing reading, writing, speaking, and listening. As a result of the complexity of literacy instruction, we arrive at the age-old debate of what is the best literacy instruction. My philosophy of literacy instruction centralizes around theRead MoreT he National Reading Panel ( A Short Note On ) And The International Reading Association ( Ira )1034 Words   |  5 PagesInternational Reading Association (IRA) are two different associations that provide research findings on the best practices for teaching and learning literacy. Reading and understanding the findings of both associations is important for educators and parents to boost the literacy rates of our children. Below I will summarize the reading standards that our outlined by both and provide my thoughts and insights. The NRP concludes that children need to be taught certain instructional methods to excel in readingRead MoreStrategies For Teaching Writing As A Group1634 Words   |  7 Pagesstrategies for teaching writing as a group, we presented a well-rounded daily task to the discussion board, awaiting students in our learning group to respond. It s these responses that will guide this section of the folio and my own personal reflection regarding my role in the group. From day one of our posts students has responded well. One post that was submitted by Skinner (2017) has supported my own views of literacy; the post was that handwriting skills should be integrated into the literacy curriculum

Current Research On Bipolar Disorder II - 2570 Words

Current Research on Bipolar Disorder II Shannon J. Oliveira American School of Professional Psychology Psychopathology Fall 2014 Current Research on Bipolar Disorder II The following is a review of recent peer reviewed research articles in the field of psychology contributing to new information on the diagnosis, treatment, and outcome measures for Bipolar Disorder II (BDII). First, you will find a description of the diagnostic presentation of BDII, followed by the corresponding results of the research, and ending with an explanation of how the following research will influence our work as mental health practitioners. Bipolar II Description The Diagnostic and Statistical Manual of Mental Disorders-Fifth Edition (DSM-5) describes BDII as an instability of mood categorized by the lifetime prevalence of at least one major depressive episode and at least one hypomanic episode (American Psychiatric Association, 2013). Generally speaking, a major depressive episode consists of a depressed or consistent low mood for a period of at least two weeks. A hypomanic episode on the other hand, consists of a period of elevated, expansive, or irritable mood lasting at least 4 consecutive days. Both episodes generally cause serious implications on the individual’s daily living in regards to social, academic, and work environments. For a diagnosis to be made by the DSM-5, a list of particular criteria must be met, and specific information such as what the individuals current or most recentShow MoreRelatedBipolar Disorder : Psychological Trauma And Neurobiological Abnormalities1627 Words   |  7 PagesIn Letters from a Bipolar Mother Alyssa Reyans states, â€Å"bipolar robs you of that which is you. It can take from you the very core of your being and replace it with something that is completely opposite of who and what you truly are.† Individuals diagnosed with bipolar disorder are often misdiagnosed because bipolar is such a complex disorder that contains symptoms of other mental illnesses. Bipolar disorder is a debilitating mental illness that consists of multiple different forms, each with theirRead MoreSymptoms And Symptoms Of Bipolar Disorder1289 Words   |  6 PagesAfter class discussion, it became apparent that individuals with bipolar disorder (BD) can have occupations and can interact norma lly with others if the disorder is kept under control or manage by psychopharmacological interventions. The lability that can be seen during the manic episodes may be puzzling or irritating to those who are not familiar with the different signs and symptoms that a person may display during this phase. In view of the unpredictability or lability that individuals with BDRead MoreManic Depression And The Gemini Disorder Essay1490 Words   |  6 PagesManic depression, or â€Å"The Gemini disorder† is most commonly known as Bipolar Disorder. This illness is a brain disorder, which causes abrupt and unusual mood shifts. These irritable mood shifts can be related to the individual’s energy, activity levels, or their ability to carry out daily tasks. This disorder goes beyond the ordinary mood swings we all are aware of. Manic depression has three forms that are characterized as periods of acute elevation of elatedness, or irritability. More often thanRead MoreBipolar Disor der1126 Words   |  5 PagesBipolar Disorder Bipolar Disorder In the world today Bipolar Disorder Abstract This article reviews the current state of the literature on the assessment of bipolar disorder in adults. Research on reliable and valid measures for bipolar disorder has unfortunately lagged behind assessment research for other disorders, such as major depression. We review diagnostic tools, self-report measuresRead MoreSymptoms And Treatment Of Bipolar II1377 Words   |  6 PagesIn this paper I will provide an overview of bipolar II disorder, a personal case history, and treatment plans using solution-focused therapy, cognitive behavior therapy, and acceptance and commitment therapy to treat a client with bipolar II diagnosis. Bipolar II Disorder Bipolar II disorder is primarily characterized by states of hypomania and depression, which often impair a person’s ability to function in a social, work, or familial setting. Depression is more often an impairment than hypomaniaRead MoreSuicidal Behavior Including Attempted Suicide Completed And Successful Suicide1526 Words   |  7 Pagesincluding attempted suicide completed / successful suicide. The study focused on patients that had been diagnosed of borderline personality disorder (BPD), severe mood disorders, major depressive disorder (MDD), bipolar disorder (BP) and schizoaffective disorder. The study focus was also to determine the different influences that borderline personality disorder has on suicide risk. The study was interesting information on suicide behavior and how it remains an issue among citizens of the United StatesRead MoreSymptoms And Treatment Of Bipolar Disorder1274 Words   |  6 Pagesconclusion, Ben Tang was diagnosed with bipolar II disorder indicated by DSM-5 at age 47. He experienced symptoms such as feeling depressed, suicidal thoughts, and worthlessness in depressive episodes. He experienced symptoms such as racing mind, trouble falling asleep, and committing reckless behaviors in hypomanic episodes. It can be challenging to live with bipolar disorder because the symptoms can be hard to deal with. There are several ways to manage bipolar disorder, include medications, support groupRead MoreThe Physical And Mental Health Of Their Child1005 Words   |  5 PagesSo, finding out that your child has call bipolar disorder will disturb any concerning parent, especially if their child is young. What is this bipolar disorder? Bipolar disorder, also referred to as manic d epressive illness, is a disorder that causes spikes in a person’s attitude, energy level, and sometimes their desire to perform actions. ( Psychology today 2016) These symptoms can range from moderate to very severe in people of all ages. This disorder can affect many different aspects of one’sRead MoreBipolar Disorder And Mental Disorders1364 Words   |  6 PagesIntro Bipolar disorder is an emotional instability checked by great movements in disposition going from a hyper to a depressive state. Bipolar disorder is additionally called bipolar disease or manic depression. Bipolar disorder oppresses 3 to 5% of the populace with inconvenient impact on life possibilities. People with Bipolar Disorder will face life span danger for mood shifts, including fatal consequences. â€Å"It is sixth most common cause of disability in the United States (Altman et al., 2006)Read MoreFibromyalgia And Bipolar Disorder : Extent Of Comorbidity And Therapeutic Implications1109 Words   |  5 PagesFibromyalgia and Bipolar Disorder: extent of comorbidity and therapeutic implications ABSTRACT Fibromyalgia (FM) is a syndrome that affects muscles and soft tissues. Symptoms include chronic muscle pain, fatigue, sleep disturbances, and painful trigger points and and psychological symptoms such as depression and anxiety. In particular, there is strong evidence of comorbidity of FM and Bipolar Disorder (BD). Therefore, adequate psychiatric

IT Risk Assessment Report for Aztek

Question: Discuss about the Case Study for IT Risk Assessment Report for Aztek. Answer: Introduction The report will discuss the topic Migrating business-critical applications and their associated data sources to an external cloud hosting solution. Purpose: The purpose of this IT risk assessment report is to evaluate the adequacy of Aztek project related to using an external cloud service solution for deploying their data and business critical applications. The risk assessment will provide a detailed evaluation of this operational environment. The report will address the following aspects in relation IT risks and control measures and provide analysis and discussions: Review of the financial services sector in relation to this project. Some of the best practices and government or industry regulation and compliance are explored. Discuss the security posture of the project in terms of current IT security procedures. An evaluation of risk based on threats, vulnerabilities and consequences obtained from an IT control framework in relation to the chosen project. Assessment of risks related to data security. Scope: The risk assessment will address the risks related to using an external cloud hosting provider for migration of business applications and databases. The usage of the system and its resources must be planned prior to implementation to protect data and applications from possible vulnerabilities, threats (internal and external) and other attack problems. This is important because if the data and vulnerabilities are not addressed, then Aztek will face negative business impact such as, Unauthorized access to data and applications (Zissis Likkas, 2012) Unauthorized modification of information and systems Services and access denied to authorized users Business critical data and applications are lost Due to the over dependency on IT systems and networks by Aztek, and its strategic initiatives on business expansion plans, the management decides to deploy their data and applications in a cloud service. Cloud services offer immense benefits in terms of IT management and efficiency, at the same time they have their own set of risks and problems. The report will explore existing best practices related to security safeguards with the aim of supporting the management in deciding on security related initiatives for Aztek. A brief review of cloud migration by financial services sector and best practices In recent years cloud computing has grown significantly due to its cost efficiencies and an attractive alternative to in-house IT infrastructure (Khajeh-Hosseini, Greenwood, Sommerville, 2010). At an operational level using cloud service in the organization will improve innovation by freeing up resources internally and helps the company to focus on core business activities (Garrison, Kim, Wakefield, 2012). Further, clouds are interoperable, offer collaboration and also provide immense potential for financial services to enhance their customer relationships at high levels. These benefits influenced the management in Aztek to migrate their applications and data sources to the cloud (Stamford, 2012). In spite of all the benefits, cloud services are vulnerable to IT risks (Shaikh Haider, 2011). Aztek prior to migrating all their data sources and applications to the cloud must deeply assess IT and cloud-related security aspects such as threats, confidentiality, data integrity, auditability and other compliance aspects. Therefore it becomes highly essential for Aztek to clearly understand the risks in cloud migration and must define necessary controls to protect all information assets before business critical data sources are deployed on the cloud (Heiser Nicolett, 2008). In cloud computing security, privacy issues and legal matters are widely acknowledged. Most of the security and privacy issues are usually due to users lack of control over the physical infrastructure (Subhashini Kavitha, 2011). Since most of these issues are not directly related to cloud, security issues arise due to web browsers and web services on the internet. Since cloud computing systems make use of world- wide-web for its services, security threats are a significant aspect in cloud migrations (Jensen, Schwenk, Gruschka, Iacono, 2009). The presence of technology on the internet and huge repositories of data are always an attractive target for hackers (Mondal Sarddar, 2015). This is important for Aztek because once data is migrated it can be a target, however, cloud security measures are provided by the cloud service provider. In addition to this data is stored in multiple locations (data centers), this can limit the damage caused by attacks on the web. Therefore, it is important to note that Aztek may not focus on having an internal IT department to manage their security for data and applications but at the same time, ensure adequate agreements are in place for securing their data in the cloud (Biswas, 2011). Cloud Security Alliance (CSA) which is an industrial group founded by big cloud vendors is formed to develop security best practices and guidelines for companies adopting cloud computing services for their operations. The guidelines provide directions for consumers (Aztek) to consider security related problems and issues that must be considered during migration. The guidelines are written for a wide range of areas such as encryption, portability, interoperability and risk management (CSA, 2009). In addition to CSA, the European Network and Information Security Agency (ENISA) published a report to highlight the security issues normally found in cloud computing (Catteddu Hogben, 2009). According to ENISA security issues can be categorized into, Issues related to policy and organizational matters, compliance challenges, vendor lock-in (Kshetri, 2013) and so on. Risks from technology such as data leakage, loss of encryption keys, denial of services to authorized users, authentication procedures, etc. (Kulkarni, et al. 2012). Legal risks in cloud migration mostly relate to data protection and software licensing matters (So, 2011). In addition to the above, there are risks due to hardware failure, natural calamities like earthquakes, floods, etc. In spite of this risk categorization it must be understood that security in the cloud is much easier to implement because data protection, privacy, and availability are handled by the cloud provider (James, 2010) and can be further strengthened by defining service level agreements. Looking into the above aspects, Aztek can consider cloud deployment of their data and applications because of the fact cloud offers an advantage compared to developing an in-house security system (Armbrust, et al., 2009). Exploring the cloud migration adoption trends in the finance sector, it can be found that many financial organizations look for infrastructure and software services on the cloud (Garg, Versteeg, Buyya, 2013). This is because financial services cater to a range of users and services to include mobile applications, retail banking systems, online transactions, credit risk analysis solutions and high-performance computing. Further, since cloud infrastructures are developed based on industry best practice such as ITIL, COBIT, CMMI, etc., the aspect of compliance are also handled by the cloud service (Shen, et al. 2013). However, financial organizations such as Aztek must carry out a standard risk analysis to ensure their data and applications are secured in cloud-based services. Every country has its own set of compliance and security requirements and frameworks when it comes to user privacy, confidentiality, and integrity (Barlow, 2016). In the case of Australia, the following guidance, strategies, policies and standards (Policy, 2014) are available: Australian government data center strategy 2010-2015 which aims to improve data center facilities Australian government big data strategy for better service delivery Cloud computing regulatory stock take Cloud security considerations Guide to implementing cloud services Negotiating the cloud, legal issues in cloud computing agreements Records management in cloud Australian government standards by the Joint Technical Committee The above regulations, guidance, and policies must be evaluated by Aztek before deploying their data and applications with the cloud provider. Assessment of current security posture and mitigation actions In the current scenario, the number of attacks and threats against both private and public organization are rising and at the same time becoming more sophisticated and complex (Tankard, 2011). In order to deal with these threats, Aztek must effectively prioritize and develop security measures by determining which of their assets are most likely to be affected while deploying them in the cloud. A security posture must be maintained at good levels for Aztek to operate effectively in current financial industry scenario. Therefore, developing a matured information security model will depend on effective risk-based decision making. The strategy for developing effective risk-based decision making will be reliant on the evaluation of different information security risk factors. At the same time, understanding these risk factors could be quite challenging (Webb, et al. 2014). The first step for Aztek is to evaluate the existing security scenario to identify gaps and threats and minimize loss for the company. The evaluation of existing gaps is done by determining specific risks that are specific risks that threaten business interests of Aztek. The specific risk issues will include understanding security attacks, internal and external threats and associated problems to business due to compromise of technology (Gonzalez, et al. 2012). Risk evaluation methodology can be structured as four distinct phases (Munnasar Govardan, 2010) for the company. This includes, Analyzing risks in resources, controls, threats and vulnerabilities Implementing security countermeasures through management decisions Implementing countermeasures and procedures in the company Reviewing the risk management program periodically Detailed analysis of threats, vulnerabilities and risks are identified for Aztek in the above phases, For instance, asset identification will identify system resources within the system boundary which requires protection. In the case of Azek, the data and information resources require protection from different forms of threats. The application will also require protection from attacks and misuse by users (Chen Zhao, 2012). Evaluating the weaknesses in IT design, security procedures, implementation and internal controls must be authorized by security experts within the organization (Jaferian, et al. 2014). Threat identification will provide projected threats that are applicable to the system in the company. For instance, threats such as virus attacks, malware, denial of service attacks, or packet sniffing and modification are some of the threats that can negatively impact information assets in Aztek. The security posture will determine the requirements needed for each department in the company. The IT unit will identify security requirement that is specific to software, hardware, networks and operating systems that are identified under information assets. The method of evaluating security threats that affect the confidentiality, integrity and availability of the system or cloud service is made to recommend appropriate security safeguards, management of security measures, implementation, and other security related initiatives (Rosado, et al. 2012). In addition to evaluations, controls are implemented for gaining confidence in the existing security posture. Some of the important security controls include, Management controls which manage IT for its risks and its acceptance (Spears Barki, 2010). Operational controls that focus on mechanisms implemented and executed by people. This will also include physical security, safeguarding of all media and inventory (Julisch Hall, 2010). Technical controls will provide automated protection to systems or applications. This can include implementing anti-virus software, establishing authentication procedures, deploying firewalls, etc. to protect information stored in systems (Bohn, et al. 2011). After having identified the information assets and analyzing them for adverse effects to business, the system sensitivity requirements and security of the related asset are determined. The severity of impact or loss is determined by three main aspects of user confidentiality, integrity, and availability. For instance, confidentiality will protect users and data from unauthorized disclosure (Kurtz Vines, 2010). Integrity will provide protection from unauthorized or unintentional modification and will verify data for its correctness from the point of origin to the point of receipt of a message (Luo Bai, 2011). Authenticity is also closely related to data integrity (Medic Golubovic, 2010) which verifies if the data is subject to some form of attack during transit. Lastly, availability will ensure the data and information are available to all authorized users to fulfill business requirements (Yu, et al. 2010). The risk level for each of these impacts can be further categorized under l ow, moderate or high depending on the level of impact to Azteks business objectives. Some of the threat mitigation measures followed in financial services includes, Use of better data encryption tools A mechanism for incident reporting Using better auditing tools for increasing transparency Clarity on liability and responsibility for both Aztek and the cloud service provider Tools for improving privacy Remote audit of services Receive logs in real time Better solution for data classification In addition to the mitigation measures, there are much more which must be considered when Aztek will consider in their decision to migrate to the cloud. By establishing a confident security posture and evaluating their assets, the company will be able to successfully assess confidentiality, integrity and availability aspects for implementing cloud services in their office. It is also important to note that by having a good idea of their comfort level while transitioning into the cloud, the company will be able to transition to the right service model that will fit their risk tolerance. An assessment of IT risks for Aztek This section will provide an assessment of threats, vulnerabilities, and attacks. Some of the top threats available on the internet include, Malicious code or malware (Worms, Trojans, etc.): These threats steal user data and are common in business IT environment. Malware is becoming more sophisticated and affects sensitive components and also erases all trace making it difficult for law enforcement agencies to investigate an affected system or network. Some types of malware are known as banking Trojans which capture user information and steal passwords, account information, etc. (Ligh, et al. 2010). Web application attacks consist of feeding vulnerable servers and mobile apps with malicious data to alter site content or breach information. This type of attack is slowly increasing (Stuartard Pinto, 2011). Denial of service attacks will prevent access to authorized users requesting a service from the system or network. Recently denial of service attacks has grown in sophistication and combined with another type of attacks namely virus activation, data or intellectual property theft, financial theft and so on (Beitollahi, Deconinck, 2012). Data breach refers to the loss of personal data on the internet. Often valuable information is lost for a user and mostly results in financial impact. A data breach can also occur due to erroneous or inadvertent actions by a user leading to disclosure of all confidential information. A data breach can be understood as an abuse of information by attackers (Romanosky, Hoffman Acquisti, 2014). Insider threat or insider attack is often a result of abuse by an existing employee or an ex-employee having access to critical data in the system. Insider threats can occur when a user will bypass security controls using his/her access rights to overcome existing protection. Often the best way to identify insider threats is to successfully track system logs to understand user behavior in the system. Insider threats result in high impact similar to external threats and system administrators must keep an eye on peoples behaviour to detect patterns of system usage (Kandias, Virvilis, Gritzalis, 2011). Identity theft and fraud is another risk where the attacker steals a user password and gains access to the system like an authorized user. This type of threat is usually common in financial transactions and data (Finklea, 2010). Risk management strategies, policies and procedures must consider the above threats and vulnerabilities and overcome uncertainties by measuring, managing and mitigating threats (De Bakker, K., Boonstra Wortmann, 2010). IT risk management will provide a means of IT resources and decision making in Aztek to deliver confidentiality, integrity and availability of information assets. Confidentiality is the primary goal of cloud computing systems and refers to the availability of data and applications to all users from anywhere, anytime and on any device. Cloud systems make use of redundancy and hardening strategies to improve the availability of all applications hosted on it. Confidentiality refers to keeping users data secured from unauthorized access in cloud systems. The confidentiality of cloud systems is quite challenging because applications or data in the cloud are exposed to more attacks due to their access from the internet which is a public network. Some companies make use of private cloud which provide more secure and restricted access through the internet. Hence, keeping in view of confidentiality of users, cloud vendors adopt cryptography and encryption standards which must be detained in service agreements by Aztek and the cloud service provider. Data integrity is another aspect which is fundamental to cloud service. Integrity refers to the preservation of information from possible loss or abuse by unauthorized or authorized users in the system. Data integrity will also be defined in the contracting agreements between the company and the service provider. Migrating business applications and data to cloud involve risks such as lack of availability, inadequate performance and external and internal threats. In some scenarios or instances, it may be noted that the security offered by the cloud service provider may be adequate for that purpose. The regulatory compliance and standards and frameworks such as ISO, ITIL, etc. are easily available with cloud service providers (Ding, 2015). However, it is always best to have adequate policies and standards within the organization to protect business critical information and assets on the cloud. After the risks and mitigation practices are considered, data and applications can be migrated to the cloud. At this time appropriate controls must be established at all levels viz, managerial, operational and technical. Adequate controls are required to regulate the use of data and applications, its infrastructure and the system. One control mechanism can be typically providing access control for users ( Kuhn, Coyne Weil, 2010). The control allows users to access the application and trust the identity of the information. In cloud, all applications will keep track of authorized users. This is done by user-centric access control, in which every user request to the service provider is integrated with the user identity and his/her entitlements. By providing user-centric controls, the aspects of confidentiality and trust are maintained in clouds (Onankunju, 2013). Risk management in Aztek will follow a framework that continually evaluates risks to ensure its security posture is confident and robust. The following points may be considered: A analyze the impact and categorize information stored, processed and transmitted in the cloud service for Aztek Establish a set of security controls for risks, local conditions and assessments (Aleem Ryan, 2012). Having controls in agreements with cloud service provider will help Aztek to have more robust security. Review controls to verify if they are meeting security needs Establish access controls as appropriate for all users in Aztek. Periodically monitor security controls, this is an ongoing activity. Risk assessment is highly critical for business operations and is an ongoing activity. Data security, peoples role in Cloud for Aztek Using a cloud solution implies the employees of the cloud provider will have the ability to use Azteks data and applications. This is important to consider because the cloud provider usually allows the company availing services to assign and manage roles and associated levels of authorization of each of their user in concurrence to their security policies. The roles and authorization rights can be provided for per resource, service or application, and different areas of data can have restricted access. For example, an employee can post transactions to the database, whereas another user can only generate reports from the system. This type of access controls is highly important in cloud migration (Padhy, Patra, Satapathy, 2011). In addition to access control and user levels, the cloud provider can provision unique identities for Azteks users and services. This function can be configured to support access to a resource or support customer applications. At the same time, a user regardless of his/her role must be monitored and logged in the system for the purposes of auditing of customer data and applications. The following points may be noted in relation to managing peoples access and controls: Administering Azteks users, the cloud provider can support delegated identification. This is done through the process of identity provision and delegation. Aztek can consider the process of identity across applications by providing single-sign-on to provide users with access to all applications and services. This can be revisited and user access can have multiple signs on with appropriate controls in each application. This can be defined in agreement with the cloud provider. Aztek can consider the need for auditing and logging reports to monitor their service usage to fulfill compliance with regulations. The cloud provider will make available all system and application logs with Aztek for auditing purposes. Data is highly critical for financial companies such as Aztek. Authentication mechanisms must be strong to access high-value assets hosted in the cloud. This shall ensure user privacy and confidentiality of all Azteks information. Therefore, it may be noted that data is the core of all IT security issues in any organization and in whatever infrastructure it is stored. Cloud computing systems offer immense benefits, however, the security issues and problems remain the same. In clouds, data risk is of various forms such as unauthorized disclosure, tampering, internal threats, unauthorized modification of data, the risk of data loss and so on. Another aspect to note in the cloud is that data must be protected at rest and in motion (while transferred in a network). This must be considered in migrating to cloud systems, and encryption standards help in securing data in motion. In the cloud the term data also refers to applications and software where all the risks related to data apply. The need for Aztek will be to Perform an internal assessment to understand the problems in IT risks Evaluate cloud services for their service offering, especially in the area of data and applications Perform a thorough review of all aspects related to risks in migrating data and applications to the cloud Develop adequate security measures and test them for cloud migration. Ensure to have substantial service agreements defined with the cloud provider to protect business interests of Aztek. Conclusions The report analyzes the problems and risks of migrating data and business critical applications to a cloud provider for Aztek. The report provides a review of how cloud systems are used by the financial sector and the problems faced. The existing security posture for the company is reviewed and suggestions provided while reviewing the problems of security risks. The risk assessment provides brief discussions on the type of threats available in cloud migration in general. The data security aspects in the report provide risks with the view of how data can be secured and usage within Aztek. References Aleem, A., Ryan Sprott, C. (2012). Let me in the cloud: analysis of the benefit and risk assessment of cloud platform.Journal of Financial Crime,20(1), 6-24. Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., et al. (2009). Above the Clouds: A Berkeley View of Cloud Computing. Technical Report. University of California at Berkeley. Barlow, B. (2016). ?How Financial Services Protect Their Users. Retrieved October 10, 2016, from CSO: https://www.cso.com.au/article/608062/how-financial-services-protect-their-users/ Beitollahi, H., Deconinck, G. (2012). Analyzing well-known countermeasures against distributed denial of service attacks.Computer Communications,35(11), 1312-1332. Biswas, S. (2011). Is Cloud Computing Secure? Retrieved October 10, 2016, from Cloud Tweaks: https://cloudtweaks.com/2011/01/the-question-should-be-is-anything-truly-secure/ Bohn, R. B., Messina, J., Liu, F., Tong, J., Mao, J. (2011, July). NIST cloud computing reference architecture. In2011 IEEE World Congress on Services(pp. 594-596). IEEE. Catteddu, D., Hogben, G. (2009). Cloud Computing: benefits, risks and recommendations for information security. Technical Report. European Network and Information Security Agency. CSA. (2009). Security guidance for critical areas of focus in cloud computing. Cloud Security Alliance. Chen, D., Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. InComputer Science and Electronics Engineering (ICCSEE), 2012 International Conference on(Vol. 1, pp. 647-651). IEEE. De Bakker, K., Boonstra, A., Wortmann, H. (2010). Does risk management contribute to IT project success? A meta-analysis of empirical evidence.International Journal of Project Management,28(5), 493-503. Ding, Y. (2015). Service Delivery Standards (ITIL, COBIT, ETOM, ISO/IEC 20000, Etc.).Wiley Encyclopedia of Management. Finklea, K. M. (2010).Identity theft: Trends and issues. DIANE Publishing. Garg, S. K., Versteeg, S., Buyya, R. (2013). A framework for ranking of cloud computing services.Future Generation Computer Systems,29(4), 1012-1023. Garrison, G., Kim, S., Wakefield, R. L. (2012). Success factors for deploying cloud computing.Communications of the ACM,55(9), 62-68. Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Nslund, M., Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing.Journal of Cloud Computing: Advances, Systems and Applications,1(1), 1. Heiser, J., Nicolett, M. (2008). Assessing the Security Risks of Cloud Computing . Gartner Research. ID Number: G00157782. Jaferian, P., Hawkey, K., Sotirakopoulos, A., Velez-Rojas, M., Beznosov, K. (2014). Heuristics for evaluating IT security management tools.HumanComputer Interaction,29(4), 311-350. James, B. (2010). Security and privacy challenges in cloud computing environments. Jensen, M., Schwenk, J. O., Gruschka, N., Iacono, L. L. (2009). On Technical Security Issues in Cloud Computing. IEEE International Conference on Cloud Computing (CLOUD-II 2009), Bangalore, India , 109-115. Kandias, M., Virvilis, N., Gritzalis, D. (2011, September). The insider threat in cloud computing. InInternational Workshop on Critical Information Infrastructures Security(pp. 93-103). Springer Berlin Heidelberg. Khajeh-Hosseini, A., Greenwood, D., Sommerville, I. (2010, July). Cloud migration: A case study of migrating an enterprise it system to iaas. In2010 IEEE 3rd International Conference on cloud computing(pp. 450-457). IEEE. Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution.Telecommunications Policy,37(4), 372-386. Kuhn, D. R., Coyne, E. J., Weil, T. R. (2010). Adding attributes to role-based access control.IEEE Computer,43(6), 79-81. Kulkarni, G., Gambhir, J., Patil, T., Dongare, A. (2012, June). A security aspects in cloud computing. In2012 IEEE International Conference on Computer Science and Automation Engineering(pp. 547-550). IEEE. Krutz, R. L., Vines, R. D. (2010).Cloud security: A comprehensive guide to secure cloud computing. Wiley Publishing. Ligh, M., Adair, S., Hartstein, B., Richard, M. (2010).Malware analyst's cookbook and DVD: tools and techniques for fighting malicious code. Wiley Publishing. Luo, W., Bai, G. (2011, September). Ensuring the data integrity in cloud data storage. In2011 IEEE International Conference on Cloud Computing and Intelligence Systems(pp. 240-243). IEEE. Medic, A., Golubovic, A. (2010). Making secure Semantic Web.Universal Journal of Computer Science and Engineering Technology,1(2), 99-104 Mondal, R. K., Sarddar, D. (2015). Utility Computing.International Journal of Grid and Distributed Computing,8(4), 115-122. Munassar, N. M. A., Govardhan, A. (2010). A comparison between five models of software engineering.IJCSI,5, 95-101. Onankunju, B. (2013). Access control in cloud computing. International Journal of Scientific and Research Publications , 3 (9). Padhy, R. P., Patra, M. R., Satapathy, S. C. (2011). Cloud computing: security issues and research challenges.International Journal of Computer Science and Information Technology Security (IJCSITS),1(2), 136-146. Policy, A. G. (2014). Smater ICT Investment, Version 3.0. Canberra, Australia: Government of Australia. Stamford, C. (2012, September). Gartner Says Worldwide Cloud Services Market to Surpass $109 Billion in 2012. Retrieved October 10, 2016, from Gartner Newsroom: https://www.gartner.com/newsroom/id/2163616 Romanosky, S., Hoffman, D., Acquisti, A. (2014). Empirical analysis of data breach litigation.Journal of Empirical Legal Studies,11(1), 74-104. Rosado, D. G., Gmez, R., Mellado, D., Fernndez-Medina, E. (2012). Security analysis in the migration to cloud environments.Future Internet,4(2), 469-487. Shaikh, F. B., Haider, S. (2011, December). Security threats in cloud computing. InInternet technology and secured transactions (ICITST), 2011 international conference for(pp. 214-219). IEEE. Shen, Y., Li, Y., Wu, L., Liu, S., Wen, Q. (2013). Trusted Cloud Initiative Reference Architecture.Enabling the New Era of Cloud Computing: Data Security, Transfer, and Management: Data Security, Transfer, and Management, 78. Stuttard, D., Pinto, M. (2011).The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws. John Wiley Sons. Spears, J. L., Barki, H. (2010). User participation in information systems security risk management.MIS quarterly, 503-522. So, K. (2011). Cloud computing security issues and challenges.International Journal of Computer Networks,3(5). Subashini, S., Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing.Journal of network and computer applications,34(1), 1-11. Tankard, C. (2011). Advanced persistent threats and how to monitor and deter them.Network security,2011(8), 16-19. Webb, J., Ahmad, A., Maynard, S. B., Shanks, G. (2014). A situation awareness model for information security risk management.Computers security,44, 1-15. Yu, S., Wang, C., Ren, K., Lou, W. (2010, March). Achieving secure, scalable, and fine-grained data access control in cloud computing. InInfocom, 2010 proceedings IEEE(pp. 1-9). Ieee. Zissis, D., Lekkas, D. (2012). Addressing cloud computing security issues.Future Generation computer systems,28(3), 583-592