Maintaining confidentiality and disclosing information
Executive Summary
The Sprout Foundation (TSF) has in recent years become a large tier 2 charity organisation. Its mission is to help third-world communities sustainably improve their lives through education, clean water and health facilities. Although the organisation has grown significantly, with a fund turnover of AUD 117 million per annum, the management, technical and operational areas of TSF's IT systems and policies are unresourced and not well maintained.
TSF has not conducted a risk assessment in the past; the identification of threats and vulnerabilities and the prioritisation of risks are nonexistent.
TSF's head office is located in Australia. It has many local and global partners, so many different local and international laws need to be followed, and these may come into conflict, especially privacy law.
A privacy concern for TSF is that it holds some data in the US (held by any of TSF's US-based partners). Under US law (the Patriot Act), the US has the right to access any data on any computer system within US borders in certain but broad situations.
(WILL add more at the end)
(Cover Sheet will be added later by pdf joins)
Record of Changes/Version History
Change/Version Number | Date of Change | Sections Changed | Description | Person Entering Change
Draft-V1 | 15/04/2014 | N/A | First Draft | N/A
Final Version (current document) | 17/04/2014 | No. 6 | Calculation corrections | Anthony Gagliano
1. Introduction
Risk assessment report conducted by Anthony Gagliano and Joshua Chu in April 2014, with future risk assessments recommended every budget cycle of The Sprout Foundation (TSF).
Purpose
TSF is a large tier 2 charity organisation. The mission of this company is to help third-world communities sustaina...
... middle of paper ...
...
7. Conclusion
Final Prioritised list of Risks
Further Risk Assessment Opportunities
(Total the number of observations. Summarise the observations (risk and prioritise them in a list due to the final figures )
References
National Institute of Standards and Technology (NIST): Risk Management Guide for Information Technology Systems. Special Publication 800-30, 2002.
Table 3-4. Likelihood Definitions, National Institute of Standards and Technology (NIST): Risk Management Guide for Information Technology Systems. Special Publication 800-30, 2002.
Table 3-5. Magnitude of Impact Definitions, National Institute of Standards and Technology (NIST): Risk Management Guide for Information Technology Systems. Special Publication 800-30, 2002.
Appendix A
Threat List (maybe or keep in body of report)
Vulnerability List
Appendix B
Acronyms
Glossary
Analysis of CAFOD (A Charity Organization) The charity I am going to analyse and explain is CAFOD. CAFOD was formed in 1961 when the National Board of Catholic Women decided to carry out a family fast day, because the people of the Caribbean Island of Dominica had requested help for a mother and baby health care programme. A year after the family fast day the Catholic bishops of England and Wales decided to set up the “Catholic Fund for Overseas Development” or “CAFOD”. The main aim of this charity was to bring together the vast number of smaller charities and to educate Roman Catholics in England and Wales about the need for world development and also to raise money for developing countries. Even now CAFOD is still helping all around the world thanks to the support of Catholics in England and Wales.
The main goals of DTL Power are to maximize uptime, maintain strong security, and remain profitable. Additionally, DTL Power also believes that it benefits our organization to ensure that we collaborate with other organizations like Avisitel and the Federal government to help safeguard DTL Power’s systems. For example, Avisitel makes up a portion of the internet’s backbone, and any downtime that affects Avisitel may also affect DTL Power. Also, the Federal government provides technical advice and services, as well as provides research money for the development of cybersecurity technologies that DTL may utilize. Finally, various decisions were made and controls adapted that not only benefitted DTL Power, but its employees as well.
This project must meet the requirements of DoD security policies and standards for delivery of the technology services. The first requirement we are to discuss is the Federal Information Security Management Act (FISMA), which is United States legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats. FISMA assigned the National Institute of Standards and Technology (NIST) the responsibility of defining standards and security procedures that must be followed and complied with. There are nine processes NIST outlines to be in compliance with FISMA:
The inferential data, statistics, and guidelines that are used in the APA style format help distribute security-relevant information. These include a number of management tools, classification of information, assessment of different risks, and further analysis of these risks. These are used to perform threat identification, assets, and...
Physical and environmental security programs are generally considered to be a collection of mechanisms and controls put into place that help ensure the availability of information technology capabilities. These programs protect an organization from fire, flood, theft, power failure, and intentional or even unintentional damage through negligence. Implementation of these programs at the organizational level can take place in a number of ways, but most organizations choose to follow a body of standards, usually set forth by an organization such as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). One such body of standards put forth by ISO/IEC is 27002, Information technology – Security techniques – Code of practice for information secur...
The Healthy Body Wellness Center requires an Information Security Management System (ISMS) in order to implement a plan to maintain and audit the company's information system security objectives. This necessitated outlining the scope of the ISMS plan as well as an evaluation of the risk assessment conducted by We Test Everything LLC (WTE). We Test Everything LLC was contracted by the Healthy Body Wellness Center's (HBWC) Office of Grants Giveaway (OGG) to provide a risk assessment of the Small Hospital Grant Tracking System (SHGTS).
Whitman, M., & Mattord, H. (2010). Management of information security. (3rd ed., p. 6). Boston, MA: Cengage Learning.
University of Idaho. (2014). Information Technology Services: Appendix 1: ITS Analysis of Strengths, Weaknesses, Opportunities and Threats. Retrieved from http://www.uidaho.edu/its/strategic-plan/appendix-i.
So far the foundation has given over £3.5m to a series of charities in Latin America, Africa and Asia. The aim of the foundation is to help people get access to healthcare, education, micro-finance and agricultural support, with the intention of helping people lift themselves and their families out of poverty.
Sun, L., Srivastava, R. P., & Mock, T. J. (2006). An information systems security risk assessment model under the Dempster-Shafer theory of belief functions. Journal of Management Information Systems, 22(4), 109-142. Retrieved from http://www.jmis-web.org/
Introduction: Every year, students at the Stephen Leacock APEX program in grade 9 are given the opportunity to play a leadership role in their community. This involves an endowment project where each one of the students who are involved in the program is asked to collect information and interact with a non-profit or charitable organization. Then the students will present the organization to the class and decide which organization will benefit most from the $5000 the APEX program will provide. One of the organizations that caught my attention is Tropicana due to its wide variety of services for the community. The following information has been gained from interviewing key members of Tropicana, Sharon and Rick.
However, risk analysis is the phase in the process of risk assessment where the highest degree of difficulty arises. The expectation that risk ought to be expressed in perceptions renders any measure of risk extensively subjective. However, in spite of the method applied, it ought to satisfy the following desirable properties. First, it should be embraced by the management, the department of information systems, and the community using it [18].
Zeleny, M (ed.) 2000, The IEBM handbook of information technology in business, Thomson Learning, London.
Palvia P., Palvia S. & E. Roche (1996) Global Information Technology and Systems Management. Ivy League Publishing
Identification of the risk can simply be done by brainstorming with the team members. As Dr. McCarville said, there are no right or wrong answers. Every input is important and can really affect the process. Another beneficial tool is the Fishbone Diagram.