Throughout this report is the work of which achieved me the highest possible grade. All of my work was to distinction standard throughout the 2 year course.
BTEC LEVEL 3 UNIT 7 P1,P2,P3,P4,P5,P6,M1,M2,M3,D1,D2
Unit 4: Programming assignment 1 All criteria's complete
GET YOUR DISTECTION NOW
GET YOUR DISTECTION NOW
Alles voor dit studieboek
(28)
Geschreven voor
BTEC
PEARSON (PEARSON)
Information Technology 2010 QCF
Unit 7 - Organisational Systems Security
Alle documenten voor dit vak (17)
3
beoordelingen
Door: mrsaaxobeat • 2 jaar geleden
Door: nanaoseibobie06 • 4 jaar geleden
Door: MatthewIT • 4 jaar geleden
May I just ask why you have rated this document 2 star?
Door: alexanderllockenden • 4 jaar geleden
Verkoper
Volgen
MatthewIT
Ontvangen beoordelingen
Voorbeeld van de inhoud
Unit 7
Assignment 2
Pass Work (P4)
Security problems and guidelines
Disaster recovery policies
Disaster recovery policies state what actions are to be taken in an event whereby the
organisation has been impacted by a disaster [for more information on likely disasters its
effect of organisations refer to Unit 7 Assignment 1].
The disaster recovery policy will likely include the procedures for data relocation, use of
alternative sites, the hiring of additional of staff and equipment.
Typically organisations will be supported by appropriate levels of insurance to fund the
organisations recovery from the disaster.
If disaster recovery policies are not in place and a disaster occurs the organisation will have
a prolonged downtime and their reputation may be impacted [from losing the customer’s
information and data].
Updating of security procedures
Updates and reviews of security procedures should be carried out periodically, it is essential
to check the security policies for currency and to compare the policy against current
knowledge and new threats.
Both security and computer systems require frequent updating as advancements in security
[and threats] are being produced at a rapid pace, the updates which may need to be
implemented by the organisations systems security may have an impact on the
organisations current established system.
Typically the updates will need to be tested by the staff [who are responsible for the up
keeping of the organisation systems security] prior to being released across the entire
organisation.
Scheduling of security audits
Security audits of physical and networked systems will need to be carried out regularly
ensuring the current system is working as expected [and has no issues], typically the security
audits are carried out without the employees knowing when they’re going to be done -
proving the effectiveness of the systems in place.
Within network management, an audit of database and network logs provide a detailed look
upon the recurring issues – this can be used to highlight the organisations existing threats.
The audit is often combined with penetration testing, simulating a hacker or denial of
service attack to establish the soundness of the existing systems.
Some organisations will go as far as to employ staff with the prime objective of breaking
into the building to ensure their physical security put in place is adequate.
Codes of conduct
1|Page
Matthew Lloyd-Jones
,Unit 7
Assignment 2
Code of conducts are created to ensure the personnel who require access to a system are
legally binded to not take advantage of their access.
Employees are expected to sign, agree and adhere to the code of conduct which states on it
a variety of policies – the policies ensure the systems users will abide by rules which suit the
organisation and its security needs.
Organisations typically will include the following policies [in some form] within their code of
conduct:
Email usage policy - This governs what subjects are deemed acceptable in the
sending of emails, the policy usually defines the acceptable size of attachments to be
sent and gives details as to the unacceptable activities such as sending data and
information to the organisations competitor.
Internet usage policy - employees will usually have restricted access online –
ensuring employees are doing their work rather than playing games online or
accessing their social media accounts. The policy will also state what cannot be
downloaded online.
Software acquisition and Installation policy – these policies are put in place to
prevent personal and unlicensed software from being installed into the system, upon
this it ensures there is no duplication of software. By having these policies in place
compatibility issues and potential malware from accessing the system are prevented.
Surveillance policies
Placing surveillance cameras [or an alternative piece of surveillance equipment] around the
work place within an organisation may cause unrest to the employees. Surveillance and
monitoring policies must clearly be defined to the employees and they must then agree to
the policy. The policy would include information such as, the reasons for the surveillance,
where it will be placed and what type of surveillance equipment is going to be used.
Risk management
Predicting possible issues and measuring the potential damage which can be caused to the
organisation [as a result of these issues] is essential in creating a strategy to minimise [or
eliminate] all threats to an organisation.
In managing the risks, organisations may decide to:
Tolerate the potential risk and waste no time in coming up with a solution
Minimise the likelihood of the risk occurring – for example purchasing an add-on
anti-virus software.
Terminate the risk – stopping the virus.
Transfer the risk by adapting the approach of the organisation.
Budget setting
Budget setting and the management of finances is essential in ensuring the organisation
does not overspend. It is of great importance to maintain an acceptable level of security
2|Page
Matthew Lloyd-Jones
, Unit 7
Assignment 2
within an organisation and in budgeting for organisational systems security you will need to
consider the following: The replacement of redundant equipment and software versions,
the cost of each audit, the training of staff, software licencing, the procurement of external
consultation and support, the staff wages relating to organisational systems security.
3|Page
Matthew Lloyd-Jones
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper MatthewIT. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €4,92. Je zit daarna nergens aan vast.
