ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 6


Information Security (M1)
BTEC NAT Unit 7 - Organisational Systems Security

Learning Objectives
To understand the 3 areas of Information security to be considered to meet legal requirements such as the Data Protection Act:
Confidentiality of Data
Integrity & Completeness of Data
Availability & Access to Data

Information Security
Confidential personal data about you is kept on a number of systems.
Name some systems where data about you is stored.
Example: Student Records

Confidentiality of Data
In the role of Systems Manager, it is your job to preserve the confidentiality of data held.
What must you consider?
Example: Who internally should be able to see the data?
Provide a list of other examples.

Integrity & Completeness of Data
The integrity (accuracy) and therefore completeness of data is critical on a number of systems.
Having incorrect data can cause personal as well as commercial damage.
How much data should you keep and for how long?
What systems can you think of where individual distress can be caused and possibly lead to legal action?
How would you check that the data is accurate and kept up to date?

Availability & Access to Data
Who can access the data?
How can it be controlled?
How often should the access be reviewed?
Some data can only be accessed by request legally. Can you think of any examples?

Assignment 1 (M1)
Apply what you have learned to your assignment.
Relate this information to the threats already studied and the impact on organisations.

Disaster Recovery Policies (D1)
There are a number of different methods to recover a system from natural disasters (already studied).
Research organisation recovery policies.
Consider the logical steps to follow.
Produce recovery plans for at least two different methods.