logo

ITC596 - VIC Government - Security Risks and Concerns

12 Pages3080 Words34 Views
   

Charles Sturt University

   

IT Risk Management (ITC596)

   

Added on  2020-03-02

About This Document

Victorian Protective Data Security Framework (VPDSF) is the security scheme that has been prepared by the Victorian Government. This study will discuss the aim of the framework, which is the management of security risks and concerns that are identified in the operations and activities associated with the public sector units. There are three elements of security that are present in VPDSF that is security standards and protocols, an assurance model along with supporting references and guides will be discussed. In this study, the framework will discuss what has been defined for the Victorian Government to address these security risks.

ITC596 - VIC Government - Security Risks and Concerns

   

Charles Sturt University

   

IT Risk Management (ITC596)

   Added on 2020-03-02

ShareRelated Documents
VIC GovernmentSecurity Risks and Concerns
ITC596 - VIC Government - Security Risks and Concerns_1
VIC GovernmentTable of ContentsIntroduction.................................................................................................................................................3Diagram - Explanation................................................................................................................................3Exposure of the Risk - High....................................................................................................................3Exposure of the Risk - Medium...............................................................................................................3Exposure of the Risk - Medium-Low......................................................................................................4Exposure of the Risk - Low.....................................................................................................................4Deliberate v/s Accidental Threats................................................................................................................4Security/Risk Management Execution – Possible Challenges and Issues....................................................6Comparison of Risks and Uncertainties.......................................................................................................7Risk Control and Mitigation........................................................................................................................8Administrative Methodology...................................................................................................................8Technical Approach.................................................................................................................................8Physical Security Approach.....................................................................................................................9Recommendations & Conclusion................................................................................................................9References.................................................................................................................................................112
ITC596 - VIC Government - Security Risks and Concerns_2
VIC GovernmentIntroductionVictorian Protective Data Security Framework (VPDSF) is the security scheme that has beenprepared by the Victorian Government. The aim of the framework is the management of securityrisks and concerns that are identified in the operations and activities associated with the publicsector units. There are three elements to security that are present in VPDSF that is securitystandards & protocols, assurance model along with the supporting references and guides. Theframework that has been defined for the Victorian Government addresses these security risks. Aclear picture of the probable security events is required for the development of the measures toprevent and control the risks. Diagram - ExplanationExposure of the Risk - HighMany information and data security risks may take place in the public sector agencies andorganizations that are linked with and are operated by the Victorian Government. Some of theserisks may have an extremely damaging impact and two of such risk categories include insider3
ITC596 - VIC Government - Security Risks and Concerns_3
VIC Governmentattacks and availability attacks. The members and employees of the public sector units will haveadded privileges to access the public and personal information of the agencies and organizations.These privileges may be used in a malicious manner to expose the information to theunauthorized entities to gain personal advantage. Also, the malevolent entities may flood thesystem with unwanted network traffic to disrupt the continuity of the applications and theservices (Cpdp, 2016). Exposure of the Risk - Medium Information breaches and leakage of the information may occur in association with the data andinformation sets. There may also be violation of the information integrity by altering thedestination address or the contents of the information sets. These attacks will include the networkaccess points as the threat agent. These attacks may occur in association with the information in-motion. Exposure of the Risk - Medium-Low There are some of the extremely severe impacts that may result with the occurrence of a securityattack. These impacts may give rise to the other forms of the risks and threats that may berequired to be dealt with. Some of the data security risks may result in legal obligations or therisks revolving around non-compliance of the regulatory policies. The likelihood of such eventsis not very high and these have been therefore been put in this category. Exposure of the Risk - Low Many of the data security risks may come up due to the operational error or a technical faultresulted due to the negligence or mistake of the operator or the employee. These events may leadto the exposure of information in front of the unauthorized entities. There may also beoccurrences wherein the damage may not be reversible in nature. The likelihood and the degreeof impact associated with these issues are low (Moreau, 2001). Deliberate v/s Accidental ThreatsThe data and information security risks that may occur in the VIC Government and the publicsector units governed by the Government are abundant in number. The nature of these risks maydiffer from one another that will determine the degree of impact that will be caused by theoccurrence of the risk. 4
ITC596 - VIC Government - Security Risks and Concerns_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
EDUC 448 - Victorian Protective Data Security Framework
|11
|2816
|230

Security Risks and Concerns 8/28/2017 Introduction 3 Security Risks and Concerns Diagram
|11
|3156
|439

Risks and Threats of Victorian Government- Report
|19
|4412
|42

itc596 - Risk faced by VIC Government - Report
|15
|2864
|45

Victoria Protective Data Security Framework
|12
|3162
|125

Victorian Protective Data Security Framework - ICT 303
|18
|3857
|81