ICT System Security: Policies, Procedures, Ethics, and Communication

Verified

Added on 2020/11/02

AI Summary

This assignment solution addresses key aspects of system security, organizational policies, and ethical considerations within the ICT industry. It outlines specific procedures for maintaining privacy and data security, including access controls, encryption, and the use of firewalls. The solution further explores organizational communication processes related to privacy, copyright, and ethics, emphasizing adherence to the Australian Privacy Principles and copyright laws. It also provides insights into effective IT helpdesk communication, highlighting the importance of verifying identity, active listening, appropriate language, and acting in the customer's best interest. Finally, the solution explains the role of the Australian Computer Society's Code of Ethics in upholding high standards of competence and ethical conduct within the ICT profession, emphasizing service to the community and advancement of human welfare.

Question 6:
Explain a specific organisational policy or procedure that relates to system security for each of
the following areas:
· privacy
· data.
Privacy
A specific procedure to keep sensitive client information private may be to allocate only a small
number of staff with the required elevated authorisations to access the information. To further
increase system security, a procedure could be to only grant these users access on specific devices
on the company’s local network.
Data
An organisational procedure to improve the security of company data could be to ensure that all
access to that data is via an encrypted connection and that all backups and storage of said data is
safely encrypted. Additionally, a company could use a reverse proxy to increase the system security.
Question 7:
In two to three paragraphs discuss security features of a server operating system, and how they
relate to the protection of privacy, ethics and copyright information.
Security features of server operating systems vary greatly depending on the versions and brands of
operating system, but they all look to serve the same purpose of protecting the function of the
system and the privacy of the data. The security of a server is crucial for successful operation in an
organisation, hence why such an emphasis has been placed on system security within server
operating systems. Let’s explore two main features and their role in the security of the system.
The first main security feature included in most server operating systems is the optional use of
encryption. The purpose here is to protect the privacy of private or sensitive data from unauthorised
users. This also falls inline with the code of ethics which provides confidence to those owning or
supplying the private or sensitive data. The second main feature is the firewall. This is a main
defence against malicious intent looking to compromise the system and/or the information on the
system. Like the afore mentioned encryption method, this feature looks to ensure the privacy of
private or sensitive information as well as helping to ensure the preservation of the data.
Question 8:
For each of the following, write a single paragraph outlining organisational communication
processes and procedures that are required for:
· Privacy – requests to change information
· Copyright – ensuring that content in an organisational website does not infringe copyright
legislation
· Ethics – cultural awareness.
Privacy

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

In line with the Australian Privacy Principles an entity must take reasonable steps to protect personal
information from misuse, interference, and loss and from unauthorised access, modification, or
disclosure. In the same token, an entity is obliged to give an individual access to their own personal
information and to correct or change that information. This means that there must be security
placed upon the individual’s data to ensure that interference or misuse doesn’t occur from
unauthorised users. It also means that for an individual to access their own personal information
they must prove to the business that their purposed identity is sound and entitled to the access of
the information.
Copyright
Before the website is made public it must be thoroughly analysed for its use of multi-media and
information. The organisation must ensure that all uses of images, audio, designs, trademarks etc
comply with copyright law. As an extra precaution, whilst the website is being created a list of Public
domain or Common creative sources can be suggested to the creators, whilst there is an ongoing
audit of copyright infringement.
Ethics
An organisation should go about devising a collation of different customer and staff cultures and
determining what would be appropriate within the code of ethics. It is a near impossible task to
ensure an organisation’s code of ethics can cater for all cultures so it would be appropriate to
identify and emphasis the fact that cultural awareness needs to be adhered to.
Question 9:
You work in an IT Helpdesk providing phone support to customers. Identify five areas and an
explanation for each, that you need to be aware of when communicating with customers and
solving their questions.
Integrity of their purposed identity
You need to be able to ensure that the person you are talking to are who they are claiming to be.
Without concern for this could lead to disclosure of sensitive information.
Listening to their problem
You need to be able to listen, understand and communicate with the customers to ensure you are
delivering the service they require and efficiently solving their problems.
Acknowledge their Problem
Acknowledge the problem the customer has and work towards a solution.
Appropriate language and attitude
You need to utilize appropriate language when communicating with the customer to ensure that the
integrity of the company you work for is maintained. This is also extremely productive in building
rapport and efficiently solving the customers problems.
Act in the customers best interest
You must act in the best interest of the customer and the company. Failing to do this would result in
dissatisfaction from both the company and the customer.
Disclosure of company information
You must ensure you do not disclose sensitive company or personal information that conflicts with
privacy policies and procedures.

Record the Conversation
This ensures all information and delivery of information is captured during the call. This means that
every detail can be captured for later use.
Take details
Record the details of the customer as well as the problem. This gives more available detail in
providing a solution to the customer.
Question 10:
In one to two paragraphs explain the Australian Computer Society’s Code of Ethics, and its role
in the ICT industry.
The Role of the Australian Computer Society’s Code of Ethics is to maintain a high standard of
competence and ethical conduct in the profession of information technology. Members are
expected to loyally serve the community, strive to increase competence and prestige of the
profession, be honest and impartial and use special knowledge and skill resulting in the
advancement of human welfare.