CDU Asset Security & Risk Management: Recommendations & Best Practices

Verified

Added on 2023/06/12

AI Summary

This report assesses asset security and risk management at Charles Darwin University (CDU), identifying key assets such as equipment and information, and associated risks like data loss, unauthorized access, and equipment theft. It categorizes assets, details their types and owners, and proposes treatments for identified risks. The report emphasizes the importance of protecting student and employee credentials and recommends strategies for improving CDU's security landscape, including stakeholder identification, information security strategy development, and security awareness programs. It concludes that effective risk management and mitigation strategies are essential for securing CDU's assets and mitigating potential threats. Access more solved assignments and study resources on Desklib.

Asset Security and
Risk Management
STUDENT NAME:
STUDENT ID:
COURSE ID:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Introduction
Asset security and risk management are referred to as a very important
mechanism for any university to secure their credential from the external
attackers (Layton 2016). It has been identified that due to lack of managerial
and functional operations the Charles Darwin University is facing huge risks
and the risks associated to the University are elaborated in this. On the other
hand, students and employee’s credentials are the most important asset for
the University that should keep safe and secured. The categories of the
assets, details of the assets, their type and owners are demonstrated in this
report addition to possible treatments for all the identified risks.

Identification of assets and
risks
 Asset Identification: The assets has been categorized into main categories
in context to CDU (Charles Darwin University) as Equipment and Information.
Asset Category Asset Details Asset Type
Equipment Violation of operating procedures Internal
Equipment Malfunctioning of software/hardware Internal
Equipment Theft of equipment External
Equipment Physical attack External
Equipment Damage to equipment due to environmental conditions External
Information Loss of data Internal
Information Unauthorized access to data by user External
Information Malicious activity External
Information Human error Internal
Information Implementation error Internal

Identification of assets and
risks
 Risk Identification: The risks has been identified in context to the CDU
systems in terms of the associated assets as presented below:
Asset Name Known threats
Computers Internet connectivity; Inadequate firewall protection
Operating procedures Not following of proper procedures
Software/Hardware Failure of software/hardware
Network Equipment Theft or failure of equipment
Surveillance devices Improper working of monitoring devices
Student enrollment system Malfunctioning of the system
Student/Employees information Theft/leakage or loss of data
Mobile devices Access to university system from external device
System implementation Failure of system modules
Access cards Loss of theft of access cards

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Recommendations
The recommendations to improve the security landscape of CDU
system is presented as below:
 Identification of suitable stakeholders and roles
 Development of proper strategy for information security
 Spreading awareness of information security

Conclusion
From the overall discussion it can be concluded that with the help of
proper risk management or risk mitigation strategies the assets of
the Charles Darwin University can be stored securely and in a
simultaneous manner all the risks can be mitigated. It has been
found that the risk assessment methodologies can ensure the risk
assessments produce the comparable and reproducible results for
the Charles Darwin University.

Bibliography
 Fenz, S., Heurix, J., Neubauer, T. and Pechstein, F., 2014. Current
challenges in information security risk management. Information
Management & Computer Security, 22(5), pp.410-430.
 Layton, T.P., 2016. Information Security: Design, implementation,
measurement, and compliance. CRC Press.
 McIlwraith, A., 2016. Information security and employee behaviour: how
to reduce risk through employee education, training and awareness.
Routledge.
 Peltier, T.R., 2016. Information Security Policies, Procedures, and
Standards: guidelines for effective information security management.
CRC Press.
 Safa, N.S. and Von Solms, R., 2016. An information security knowledge
sharing model in organizations. Computers in Human Behavior, 57,
pp.442-451.