Data Protection | Assessment Report1
Added on 2022-10-02
17 Pages4103 Words27 ViewsType: 27
Data Science and Big Data
|
|
|
Running head: Data Protection 1
Privacy and Data Strategy:
A Department of Administrative Services’ (DAS) Report.
Student’s Name
Institution’s Name
Privacy and Data Strategy:
A Department of Administrative Services’ (DAS) Report.
Student’s Name
Institution’s Name
Data Protection 2
Privacy and Data Strategy:
A Department of Administrative Services’ (DAS) Report.
Introduction
The Department of Administrative Services is an Australian government agency that
provides services such as payroll, HR and personnel management, contractor management and
contract tendering management among others to other government departments. Changes in
government policies have made the department adopt a shared services delivery model. The
implication of this migration is that the some services will have to be centralized and that each
agency running thee services for its users will have to migrate into the platform too, from where
the amalgamated services will be provided to all other governmental agencies. The ‘Cloud First’
government policy requires that DAS to first acquire a cloud-based application first before
making any further updates. For this reason, the department has contracted a US based company
to provide a SaaS-based HR and personnel management system that will facilitate all the
necessary updates.
Such a migration often comes with risks, thus calling for a security control plan,
management and policy while migrating and using the shared services. Managing these services
could increasingly become complicated, data security levels can escalates, and vendor lock-in
can be prevented (Paquette, Paul, & Susan, 2010). This report purposes to provide a security
control approach of the migration, and the ultimate IT service management. The first section
presents a Privacy strategy proposal; the second one presents recommendations for the
implementation of the strategy and mitigation of previously identified privacy risks; the third
Privacy and Data Strategy:
A Department of Administrative Services’ (DAS) Report.
Introduction
The Department of Administrative Services is an Australian government agency that
provides services such as payroll, HR and personnel management, contractor management and
contract tendering management among others to other government departments. Changes in
government policies have made the department adopt a shared services delivery model. The
implication of this migration is that the some services will have to be centralized and that each
agency running thee services for its users will have to migrate into the platform too, from where
the amalgamated services will be provided to all other governmental agencies. The ‘Cloud First’
government policy requires that DAS to first acquire a cloud-based application first before
making any further updates. For this reason, the department has contracted a US based company
to provide a SaaS-based HR and personnel management system that will facilitate all the
necessary updates.
Such a migration often comes with risks, thus calling for a security control plan,
management and policy while migrating and using the shared services. Managing these services
could increasingly become complicated, data security levels can escalates, and vendor lock-in
can be prevented (Paquette, Paul, & Susan, 2010). This report purposes to provide a security
control approach of the migration, and the ultimate IT service management. The first section
presents a Privacy strategy proposal; the second one presents recommendations for the
implementation of the strategy and mitigation of previously identified privacy risks; the third
Data Protection 3
section gives a personal data protection strategy; and the last one recommends on how to
mitigate data security risks.
Privacy Strategy Proposal
Vision
The Department of Administrative Services functions as an Australian government
agency through which all other departments are serviced. Migration into cloud and shared
service model implies that the department becomes a leader in safeguarding the privacy of
personal and governmental data as well as promoting the establishment of a transparent,
conducive and healthy working culture for all stakeholders, employees and clients.
Mission
The mission of Department of Administrative Services through this privacy proposal is to
protect the privacy of all stakeholders, employees and individuals accessing government services
by embedding privacy control mechanisms and strategies that promote transparency, reliability
and accountability at all government departments.
Values
1. Transparency
2. Accountability
3. Reliability
4. Professionalism
5. Code of conduct and ethics
6. Integrity and security
section gives a personal data protection strategy; and the last one recommends on how to
mitigate data security risks.
Privacy Strategy Proposal
Vision
The Department of Administrative Services functions as an Australian government
agency through which all other departments are serviced. Migration into cloud and shared
service model implies that the department becomes a leader in safeguarding the privacy of
personal and governmental data as well as promoting the establishment of a transparent,
conducive and healthy working culture for all stakeholders, employees and clients.
Mission
The mission of Department of Administrative Services through this privacy proposal is to
protect the privacy of all stakeholders, employees and individuals accessing government services
by embedding privacy control mechanisms and strategies that promote transparency, reliability
and accountability at all government departments.
Values
1. Transparency
2. Accountability
3. Reliability
4. Professionalism
5. Code of conduct and ethics
6. Integrity and security
Data Protection 4
Goals for the Plan
a) DAS is commited to ensuring smooth transition of all government services into the
cloud.it is also commited to ensuring that data stored in the platform is protected and
secured from unauthorized access and manipulation. It is the responsibility of DAS to
ensure smooth running and availability of all government services.
b) This strategy is based on the goal of maintaining high standards of stewardship,
accountability and integrity. Privacy goals, policies and practices are enhanced and
enforced and considered as critical components for the realization of this strategy. Hiring
of competent individuals and thorough user training shall be used to complement both
physical and ‘intangible’ security control mechanisms.
c) DAS shall make sure that all users are aware of and adhere to current governmental
regulations.
d) To provide a security framework suitable for the establishment levels of security for all
governmental services and information systems running on cloud platform.
e) Provide principles by which all users and departmental employees understand their
respective roles in the maintenance of a secured computing environment.
f) Protect DAS from unnecessary legal actions and ligations that would result from illegal
handling and unauthorized access and/or exposure of personal information.
g) Respond to changes in the context of organizational change, changes in governmental
regulations and technological advancements.
Scope of the Policy statement
Goals for the Plan
a) DAS is commited to ensuring smooth transition of all government services into the
cloud.it is also commited to ensuring that data stored in the platform is protected and
secured from unauthorized access and manipulation. It is the responsibility of DAS to
ensure smooth running and availability of all government services.
b) This strategy is based on the goal of maintaining high standards of stewardship,
accountability and integrity. Privacy goals, policies and practices are enhanced and
enforced and considered as critical components for the realization of this strategy. Hiring
of competent individuals and thorough user training shall be used to complement both
physical and ‘intangible’ security control mechanisms.
c) DAS shall make sure that all users are aware of and adhere to current governmental
regulations.
d) To provide a security framework suitable for the establishment levels of security for all
governmental services and information systems running on cloud platform.
e) Provide principles by which all users and departmental employees understand their
respective roles in the maintenance of a secured computing environment.
f) Protect DAS from unnecessary legal actions and ligations that would result from illegal
handling and unauthorized access and/or exposure of personal information.
g) Respond to changes in the context of organizational change, changes in governmental
regulations and technological advancements.
Scope of the Policy statement
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cloud Computing Report 2022lg...
|24
|7085
|19
Cloud Privacy and Privacy Policylg...
|25
|7029
|142
Administrative Services Department Report 2022lg...
|16
|4808
|23
Threat and Risk Assessment for MyLicense Portal - Deskliblg...
|11
|2635
|488
Investigation Data Privacy and Security Australia Report 2022lg...
|24
|6742
|9
Assignment Cloud Privacy and Securitylg...
|5
|1526
|80