Privacy and Security Procedures for Compliance Report 2022

Assist University A in evaluating security options for implementing a new Student Management System (SMS) to improve compliance, reduce administrative burden, and enhance student experience.

13 Pages2774 Words15 Views

Added on 2022-10-17

Privacy and Security Procedures for Compliance Report 2022

Assist University A in evaluating security options for implementing a new Student Management System (SMS) to improve compliance, reduce administrative burden, and enhance student experience.

Added on 2022-10-17

Related Documents

PRIVACY AND SECURITY PROCEDURES FOR COMPLIANCE
{STUDENT NAME}
{PROFESSOR’S NAME}
{DATE}

Privacy and Security Procedures for Compliance Report 2022_1

Table of Contents
Introduction.................................................................................................................... 3
Law and Regulations for compliance by University A................................................................3
Section 4 of the IT security policy...................................................................................... 3
External providers law.................................................................................................... 3
Cloud and Managed Services............................................................................................ 4
Cloud Managed Services Risk Management Plan...................................................................4
Consultation................................................................................................................. 5
Approvals................................................................................................................... 5
Cloud and Managed Services Register................................................................................ 6
Application Classification................................................................................................ 6
Software Application Selection......................................................................................... 6
Software Application Maintenance..................................................................................... 7
Patch Management and Security Updates............................................................................. 7
Software Application Review........................................................................................... 8
Software Application Retirement....................................................................................... 8
Obligations of University A Under the Laws............................................................................9
Importance of the Obligation.................................................................................... 10
Laws, Regulations and procedures Compliance......................................................................12
Other Areas to be Considered............................................................................................ 12
Conclusion................................................................................................................... 13
Reference..................................................................................................................... 13

Privacy and Security Procedures for Compliance Report 2022_2

Introduction
The report is about University A which is located in the New South Wales in Australia.
The university is aimed at implementation of the new student management system which will
be used in the management of the operation of learning in the university since it normally does
recruitment of 45% international student and 55% domestic students. There are laws,
regulation and procedures which are set out for compliance by the university. These laws and
regulations has to be complied for the implementation of the SMS to be smooth since the
university is aim at creating maximum revenue collection which will come as a result of
complying with the laws and regulations set out.
Law and Regulations for compliance by University A
The university has to comply with the below regulations set from ("Home / Victoria
University Policy Library", 2019)
Section 4 of the IT security policy
(23) “All community members who wish to use Victoria University multi-user computer
systems must sign a compliance statement prior to being issued a staff or user ID. For staff this is
part of their employment conditions. For students this is part of their enrolment form.”
External providers law
(24) “The responsibility for the security of equipment deployed by external service
providers must be clarified in the contract with the service provider and include documentation of
security contacts and escalation procedures.”
(25) “All outsourcing contracts between external providers and Victoria University for
services and equipment must comply with the Contracts Policy and Procedures and will include
reference to IT Security policies and procedures.”

Privacy and Security Procedures for Compliance Report 2022_3

(26) “Business Owners will monitor and review external provider services to ensure
appropriate security controls are implemented and maintained as specified in the outsourcing
contract.”
Cloud and Managed Services
(8) “The strategic decision is to use Clouding Computing or Managed Services as a
preferred model where there is a clear demonstration of cost savings and overall business value
for the University.”
(9) “There is a growing trend within the industry to obtain Information and
Communication Technology (ICT) systems and applications managed in the cloud due to the low
costs and simple access methods using the Internet.”
(10) “Without a defined framework the University can be exposed to the following risks:
a. Loss of University information;
b. Noncompliance to Federal and State based legislation;
c. Increased usage costs.”
(11) “VU Departments considering the use of cloud and managed services systems in lieu
of corporate IT systems must complete a full procurement process, including a full risk
assessment and consideration of options.”
Cloud Managed Services Risk Management Plan
(12) “Contracts with Cloud providers or IT managed service providers cannot be entered
without a risk based assessment being undertaken.”

Privacy and Security Procedures for Compliance Report 2022_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Cyber Law: Overview, In-house Built System, Obligations of University A

|20

|1040

|29

Cyber Law Project Assignment

|12

|3230

|126

Migrating Business and Cloud Computing Assignment

|19

|6022

|37

Cyber Security Law Enforcement Report 2022

|2018

|10

GDPR and Cloud Computing

|745

|439

Debrief Privacy and Data Protection Act of 2014 IT Hardware and Software Acquisition Policy ( Krausz, 2009)

|13

|410

|13

Privacy and Security Procedures for Compliance Report 2022

Privacy and Security Procedures for Compliance Report 2022

End of preview

Cyber Law: Overview, In-house Built System, Obligations of University Alg...

Cyber Law Project Assignmentlg...

Migrating Business and Cloud Computing Assignmentlg...

Cyber Security Law Enforcement Report 2022lg...

GDPR and Cloud Computinglg...

Debrief Privacy and Data Protection Act of 2014 IT Hardware and Software Acquisition Policy ( Krausz, 2009)lg...

Cyber Law: Overview, In-house Built System, Obligations of University A

Cyber Law Project Assignment

Migrating Business and Cloud Computing Assignment

Cyber Security Law Enforcement Report 2022

GDPR and Cloud Computing

Debrief Privacy and Data Protection Act of 2014 IT Hardware and Software Acquisition Policy ( Krausz, 2009)