Information Security: Legal and Ethical Issues, Risk Management, and Facial Recognition System
Added on 2023-06-07
22 Pages5582 Words350 Views
|
|
|
Running Head: INFORMATION SECURITY 0
Information Security
Individual Assignment
Student Name
10/6/2018
Information Security
Individual Assignment
Student Name
10/6/2018
Information security 1
Contents
Executive Summary.....................................................................................................................................1
Introduction.................................................................................................................................................3
Legal issues for security system...................................................................................................................3
Principles underlying the code of ethics..................................................................................................5
Responsibilities to clients........................................................................................................................6
For the community worker:.................................................................................................................6
Responsibility to Organizations...........................................................................................................6
Responsibility to colleagues....................................................................................................................6
The community worker is expected to:...............................................................................................6
The community worker will:................................................................................................................6
Risk management:.......................................................................................................................................7
Risk identification................................................................................................................................8
Identifying application software, hardware devices, and networking devices....................................9
Identification people, procedures, and information assets:..............................................................10
Risk Assessment:...............................................................................................................................11
Likelihood:.........................................................................................................................................12
Assessing potential loss:....................................................................................................................12
Percentage of risk mitigated by current controls:.............................................................................12
Uncertainty:.......................................................................................................................................12
Risk determination:...........................................................................................................................12
Identify possible controls:..................................................................................................................13
Technologies for solving security issues....................................................................................................13
Facial recognition system:.........................................................................................................................16
Conclusion.................................................................................................................................................16
References.................................................................................................................................................18
Contents
Executive Summary.....................................................................................................................................1
Introduction.................................................................................................................................................3
Legal issues for security system...................................................................................................................3
Principles underlying the code of ethics..................................................................................................5
Responsibilities to clients........................................................................................................................6
For the community worker:.................................................................................................................6
Responsibility to Organizations...........................................................................................................6
Responsibility to colleagues....................................................................................................................6
The community worker is expected to:...............................................................................................6
The community worker will:................................................................................................................6
Risk management:.......................................................................................................................................7
Risk identification................................................................................................................................8
Identifying application software, hardware devices, and networking devices....................................9
Identification people, procedures, and information assets:..............................................................10
Risk Assessment:...............................................................................................................................11
Likelihood:.........................................................................................................................................12
Assessing potential loss:....................................................................................................................12
Percentage of risk mitigated by current controls:.............................................................................12
Uncertainty:.......................................................................................................................................12
Risk determination:...........................................................................................................................12
Identify possible controls:..................................................................................................................13
Technologies for solving security issues....................................................................................................13
Facial recognition system:.........................................................................................................................16
Conclusion.................................................................................................................................................16
References.................................................................................................................................................18
Information security 2
Executive Summary
In this report, facial recognition system will discussed, and various types of security
systems will be discussed in respect of information system for security. This report has
explaining ethical and legal issues, which are associated with facial recognition system, and it
also analyses their implications. There are so many risk in that time of systems, it was also
included in this report for identification of risk and analysis on that risk and manage that risk. In
this report, different types of investigation data are included for better understanding of
information system. According to this report, there are so many reviews for security systems
with their classification. There are also some implementation data of a facial recognition system.
This report shows many key points about a security system. Different types of system
requirements included in this report. It was based on the security system, which was related to
finding issues for security in different aspects, such as legal and ethical.
In the end of the report, it discussed about advantages of facial recognition system and
other systems for security systems.
.
Executive Summary
In this report, facial recognition system will discussed, and various types of security
systems will be discussed in respect of information system for security. This report has
explaining ethical and legal issues, which are associated with facial recognition system, and it
also analyses their implications. There are so many risk in that time of systems, it was also
included in this report for identification of risk and analysis on that risk and manage that risk. In
this report, different types of investigation data are included for better understanding of
information system. According to this report, there are so many reviews for security systems
with their classification. There are also some implementation data of a facial recognition system.
This report shows many key points about a security system. Different types of system
requirements included in this report. It was based on the security system, which was related to
finding issues for security in different aspects, such as legal and ethical.
In the end of the report, it discussed about advantages of facial recognition system and
other systems for security systems.
.
Information security 3
Introduction
Security system is based on the analysis for problem and providing solution of that
problem. There are different legal and ethical issues for security reasons, which are discussed in
the next part of this report. In this report, City of Perth’s facial recognition system proposal and
implementation research was discussed. There are lot of things for consider to development of
facial recognition system in a city. So many issues occurred in that types of system related to
confidentiality, legality, and privacy of people (Reynolds, 2011). Therefore, there are so many
variations in the results of facial recognition system. It have some limitation in which it fails, still
it have many advantages for the security purpose. This report is explaining about issues of facial
recognition system implementation in the City of Perth (aap, 2017). Basic outcomes of this
report are identifying the legal and ethical issues related to facial recognition information
security system and about their implementation issues ( Parker, 2018). A main issue is risk
analysis for the facial recognition system. It was start from identification of risks for that system
and solution of that risk. There are different types of planning for implementation of a security
system ( Burt, 2018).
Legal issues for security system
For the information security expert, it is must to understand about the responsibilities of
organization for ethics and legal laws. Security system is responsible for the privacy and security
risks at the organization (WARREN, 2011). It I must to know about current laws and ethical
issues for implementation of the security system, so in future no more changes will require for
those issues in the security system ( Epps, 2018). To reduce liability always considers all legal
action for information security system. It should be informed to all employees and operator for
proper use of their right, according to legal and ethical obligation (Quinn, 2010). Therefore,
organization focuses on the main objectives and properly uses of information technology in the
information system (Gupta & Hammond, 2005). In the first part of this report, it is describe
about the legislation and regulations for information management system of an organization.
In the next part, it is describe about the ethical issues in implementing security system in
the organization. Policies are required because of acceptable and unacceptable behaviors of
Introduction
Security system is based on the analysis for problem and providing solution of that
problem. There are different legal and ethical issues for security reasons, which are discussed in
the next part of this report. In this report, City of Perth’s facial recognition system proposal and
implementation research was discussed. There are lot of things for consider to development of
facial recognition system in a city. So many issues occurred in that types of system related to
confidentiality, legality, and privacy of people (Reynolds, 2011). Therefore, there are so many
variations in the results of facial recognition system. It have some limitation in which it fails, still
it have many advantages for the security purpose. This report is explaining about issues of facial
recognition system implementation in the City of Perth (aap, 2017). Basic outcomes of this
report are identifying the legal and ethical issues related to facial recognition information
security system and about their implementation issues ( Parker, 2018). A main issue is risk
analysis for the facial recognition system. It was start from identification of risks for that system
and solution of that risk. There are different types of planning for implementation of a security
system ( Burt, 2018).
Legal issues for security system
For the information security expert, it is must to understand about the responsibilities of
organization for ethics and legal laws. Security system is responsible for the privacy and security
risks at the organization (WARREN, 2011). It I must to know about current laws and ethical
issues for implementation of the security system, so in future no more changes will require for
those issues in the security system ( Epps, 2018). To reduce liability always considers all legal
action for information security system. It should be informed to all employees and operator for
proper use of their right, according to legal and ethical obligation (Quinn, 2010). Therefore,
organization focuses on the main objectives and properly uses of information technology in the
information system (Gupta & Hammond, 2005). In the first part of this report, it is describe
about the legislation and regulations for information management system of an organization.
In the next part, it is describe about the ethical issues in implementing security system in
the organization. Policies are required because of acceptable and unacceptable behaviors of
Information security 4
workers in the company, and manage all those issues raised by the behavior of an employee in
the company (Heiser & Nicolett, 2008). Therefore, policies and laws are used for solving those
issues with penalties, and require compliance of real issue. Basic five criteria for making policies
for an organization working process are as:
Distribution- it means all polices is must aware by the employee in hard copy or
electronic distribution.
Review- All policies and rules are converting in audio mode also so everyone
learn about all of the policies.
Understanding- the company must be able to explain that the worker understood
the content of policy and the requirements. They also used different types of ways
for understanding the policy, such as quizzes, and assessments.
Agreement- it should be assured from the employee side that he or she has read,
understood, and agreed to the treated according to the policy.
Uniform enforcement- it was must that; policy is not for a single person. It is
common for the all employees of organization.
All of these are helpful for creating policies for solving raised issues in the company by
the employees. All these are also provide authorization to organization for penalize the employee
who violate the terms and condition of the organization, which are mentioned in the policy of
organization (Tavani, 2003). Laws are dividing in two parts, which are civil and criminal laws
for different activities, but laws also divide two parts, such as private, and public laws. Private
laws handle family, commercial, labor, and regulate the bonding between personal and
companies. Public laws regulate the citizens, workers, and different government relationship
with the structure and administration of government agencies (Jin, Drozdenko, & Bassett, 2007).
Privacy has become one of the huge points in information security system. Many
organizations are having data about the employees and customers in their databases (Smith,
Dinev, & Xu, 2011). Many companies are selling personal information of their employees and
customers for different uses by third party companies. As an example we can take, Cambridge
Analytica and Facebook scandal for US election 2016 (Whitman & Mattord, 2011).
workers in the company, and manage all those issues raised by the behavior of an employee in
the company (Heiser & Nicolett, 2008). Therefore, policies and laws are used for solving those
issues with penalties, and require compliance of real issue. Basic five criteria for making policies
for an organization working process are as:
Distribution- it means all polices is must aware by the employee in hard copy or
electronic distribution.
Review- All policies and rules are converting in audio mode also so everyone
learn about all of the policies.
Understanding- the company must be able to explain that the worker understood
the content of policy and the requirements. They also used different types of ways
for understanding the policy, such as quizzes, and assessments.
Agreement- it should be assured from the employee side that he or she has read,
understood, and agreed to the treated according to the policy.
Uniform enforcement- it was must that; policy is not for a single person. It is
common for the all employees of organization.
All of these are helpful for creating policies for solving raised issues in the company by
the employees. All these are also provide authorization to organization for penalize the employee
who violate the terms and condition of the organization, which are mentioned in the policy of
organization (Tavani, 2003). Laws are dividing in two parts, which are civil and criminal laws
for different activities, but laws also divide two parts, such as private, and public laws. Private
laws handle family, commercial, labor, and regulate the bonding between personal and
companies. Public laws regulate the citizens, workers, and different government relationship
with the structure and administration of government agencies (Jin, Drozdenko, & Bassett, 2007).
Privacy has become one of the huge points in information security system. Many
organizations are having data about the employees and customers in their databases (Smith,
Dinev, & Xu, 2011). Many companies are selling personal information of their employees and
customers for different uses by third party companies. As an example we can take, Cambridge
Analytica and Facebook scandal for US election 2016 (Whitman & Mattord, 2011).
Information security 5
Different professional groups have provided rules for governing ethical behavior of
employees in the organization. There are some ethics for uses of computer system are:
Do not use a computer system to harm other person
Do not interfere in other person personal computer system work.
Do not access files from other person computer system.
Do not steal files form other person computer system
Do not use pirated software without paid for that software
Do not access and use other person’s computer system without proper permission.
Do not steal other person’s intellectual properties.
Always think about your program that is beneficial for social purpose.
Always use a computer system for respect for your fellow humans.
Most of the professional always follow ethics of their organization. All profession
expects from their employees to meet a standard of ethical behavior and this thing is based on the
code of ethics. In term of community work, ethics matter a lot because it is involved the group of
people (Kizza, 2007). The Australian Community Workers Association code of ethics sets a
space for community work for all practitioners. The community worker should respect the worth
of all individuals regardless of their religion, age, gender diversity, race, sexual, and other
individual differences (Kshetri, 2013).
Principles underlying the code of ethics
Every professional person, regardless of sexual, religious, race, age, and gender diversity,
or other individual differences.
Codes of ethics are helpful for maintaining equity, equality, social justice, and freedom.
Every society should balance equity in their society members. Therefore, no one can take
advantages of their position (Doctor, 1991).
Every person is legally protected from different types of discrimination based on
disability, gender, religious, age, sex, and their universal human rights are inviolable.
Responsibilities to clients
For the community worker:
They shall determine relationship between Client and them.
Different professional groups have provided rules for governing ethical behavior of
employees in the organization. There are some ethics for uses of computer system are:
Do not use a computer system to harm other person
Do not interfere in other person personal computer system work.
Do not access files from other person computer system.
Do not steal files form other person computer system
Do not use pirated software without paid for that software
Do not access and use other person’s computer system without proper permission.
Do not steal other person’s intellectual properties.
Always think about your program that is beneficial for social purpose.
Always use a computer system for respect for your fellow humans.
Most of the professional always follow ethics of their organization. All profession
expects from their employees to meet a standard of ethical behavior and this thing is based on the
code of ethics. In term of community work, ethics matter a lot because it is involved the group of
people (Kizza, 2007). The Australian Community Workers Association code of ethics sets a
space for community work for all practitioners. The community worker should respect the worth
of all individuals regardless of their religion, age, gender diversity, race, sexual, and other
individual differences (Kshetri, 2013).
Principles underlying the code of ethics
Every professional person, regardless of sexual, religious, race, age, and gender diversity,
or other individual differences.
Codes of ethics are helpful for maintaining equity, equality, social justice, and freedom.
Every society should balance equity in their society members. Therefore, no one can take
advantages of their position (Doctor, 1991).
Every person is legally protected from different types of discrimination based on
disability, gender, religious, age, sex, and their universal human rights are inviolable.
Responsibilities to clients
For the community worker:
They shall determine relationship between Client and them.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Facial Pattern Recognition Devices | Reportlg...
|9
|1199
|14
Automated Facial Recognition Authentication (AFRA) - Benefits, Problems, and Implicationslg...
|14
|3767
|342
Ethics of Facial Recognition Technology in UKlg...
|10
|2975
|96
The Concept Of Biometric Authenticationlg...
|35
|10751
|12
Automated Facial Recognition System for Licence Renewallg...
|14
|3648
|446
Enhancing Patient Safety through Geo-Tracking and Biometricslg...
|9
|2974
|129