BN311 IT Security Management: Contingency Planning and Security
VerifiedAdded on 2023/06/12
|10
|2239
|106
Report
AI Summary
This report provides a comprehensive overview of IT security management, focusing on contingency planning and security measures for an online retail business. It delves into the importance of contingency planning, detailing delegation strategies and critical information access protocols. The report also examines essential security tools such as BitLocker, Nmap, and Paros, explaining their functionalities in safeguarding data and networks. Furthermore, it addresses compliance with the Australian Privacy Principles and Cyber Security regulations, emphasizing the Protective Security Policy Framework. The document outlines the policy's objectives, scope, standards, procedures, and guidelines for effective security management. Desklib offers this document and many more to aid students in their studies.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: SECURITY POLICY DOCUMENTATION
Security Policy Documentation
Name of the Student:
Student ID:
Name of the University:
Author’s note:
Security Policy Documentation
Name of the Student:
Student ID:
Name of the University:
Author’s note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1SECURITY POLICY DOCUMENTATION
Table of Contents
Introduction......................................................................................................................................2
Section 1: Contingency Planning.....................................................................................................2
Section 2: Security Tools.................................................................................................................3
Section 3: Information Security Act................................................................................................5
Section 4: Security Management Policy..........................................................................................6
Bibliography....................................................................................................................................8
Table of Contents
Introduction......................................................................................................................................2
Section 1: Contingency Planning.....................................................................................................2
Section 2: Security Tools.................................................................................................................3
Section 3: Information Security Act................................................................................................5
Section 4: Security Management Policy..........................................................................................6
Bibliography....................................................................................................................................8
2SECURITY POLICY DOCUMENTATION
Introduction
The following report is based on the case study of online retail business development
plan for a retail outlet by an independent man. The deployment of the online ordering system
would allow the person for the implication of the effective operation development. The
contingency planning, security tools, information security act, and security management policy is
developed for forming the effective implication of the online operations.
Section 1: Contingency Planning
The contingency planning is a tool that implies the use of the surrogate planning for
dealing with the implication of the activities for forming the alignment of the improved functions
[4]. The implication of the activities would allow the online function implementation of the
project plan. The analysis would also be helpful for forming the alignment of the operations of
online functional development. The contingency planning for online ordering system would be
developed for forming the utilization of the effective operation development and alignment of
the improved section development. The implication of the contingency planning would be based
on the formation of the activities. The plan development for the probable failure of the project
would require the implication of the successive technology innovation [2]. The contingency
planning for the project of online ordering system for the retail outlet would involve the
following activities,
Delegation before crisis: The occurrence of the catastrophic events would strike all the
elements of the project. The issues might lead to the probability of the crisis for the continuation
of the project. There are three ways for implementing the delegation in the project of online
ordering system development for the independent men’s wear retail outlet and they are hiring an
Introduction
The following report is based on the case study of online retail business development
plan for a retail outlet by an independent man. The deployment of the online ordering system
would allow the person for the implication of the effective operation development. The
contingency planning, security tools, information security act, and security management policy is
developed for forming the effective implication of the online operations.
Section 1: Contingency Planning
The contingency planning is a tool that implies the use of the surrogate planning for
dealing with the implication of the activities for forming the alignment of the improved functions
[4]. The implication of the activities would allow the online function implementation of the
project plan. The analysis would also be helpful for forming the alignment of the operations of
online functional development. The contingency planning for online ordering system would be
developed for forming the utilization of the effective operation development and alignment of
the improved section development. The implication of the contingency planning would be based
on the formation of the activities. The plan development for the probable failure of the project
would require the implication of the successive technology innovation [2]. The contingency
planning for the project of online ordering system for the retail outlet would involve the
following activities,
Delegation before crisis: The occurrence of the catastrophic events would strike all the
elements of the project. The issues might lead to the probability of the crisis for the continuation
of the project. There are three ways for implementing the delegation in the project of online
ordering system development for the independent men’s wear retail outlet and they are hiring an
3SECURITY POLICY DOCUMENTATION
employee for managing the situation, hiring a local contractor for the problem, and bringing the
virtual assistant for project operations.
Access to critical info: The contingency plan development would require the inclusion of
the access to the most critical information and data [1]. The implication of the critical
information and data would allow the implication of the improved functional development. The
access to the critical information would help in listing the critical information and accessing
important accounts for developing the complete and accurate final contingency planning. It is
important for allowing the inclusion of the most critical information to be included in the project
of development of the operations.
Development of Procedure Manual: The development of the procedure manual for the
implementation of online ordering system would be based on the implication of the successive
implication of the effective operation development [3]. The project manager would develop a
procedure manual that would consist of the implication of the activities favouring the analysis of
the operations. The implication of the activities had also been resulting with the help of the
procedure for forming the online system development.
Section 2: Security Tools
There are multiple security options available for the implementation of the security in the
online ordering system development for the men’s apparel retail outlet. The development of the
successive activities favouring the implication of the online ordering system would make the
data and information accessible on internet cloud platform. It has given rise to a number of
security issues and implication of the technological errors for the users. The security tools like
BitLocker, NMap, and Paros [7]. The use of these three tools would help in forming the
employee for managing the situation, hiring a local contractor for the problem, and bringing the
virtual assistant for project operations.
Access to critical info: The contingency plan development would require the inclusion of
the access to the most critical information and data [1]. The implication of the critical
information and data would allow the implication of the improved functional development. The
access to the critical information would help in listing the critical information and accessing
important accounts for developing the complete and accurate final contingency planning. It is
important for allowing the inclusion of the most critical information to be included in the project
of development of the operations.
Development of Procedure Manual: The development of the procedure manual for the
implementation of online ordering system would be based on the implication of the successive
implication of the effective operation development [3]. The project manager would develop a
procedure manual that would consist of the implication of the activities favouring the analysis of
the operations. The implication of the activities had also been resulting with the help of the
procedure for forming the online system development.
Section 2: Security Tools
There are multiple security options available for the implementation of the security in the
online ordering system development for the men’s apparel retail outlet. The development of the
successive activities favouring the implication of the online ordering system would make the
data and information accessible on internet cloud platform. It has given rise to a number of
security issues and implication of the technological errors for the users. The security tools like
BitLocker, NMap, and Paros [7]. The use of these three tools would help in forming the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4SECURITY POLICY DOCUMENTATION
alignment of the security functions for the online ordering system for the retail outlet. The
explanation of the security tools is given below,
BitLocker: The BitLocker works as a protection guard for the online data and
information storage. The bitlocker comes with a full disk encryption for the information posted
on the cloud based internet storage. The BitLocker is available in all latest upgrades of windows
(Windows Vista and higher) and it applies protection on a full scale volume of data for keeping
the information safe [8]. The BitLocker uses AES encryption process and the algorithm is also
similar. The locking method is based on 256 bit or 128 bit keys along with either XTS model or
Cipher Block Chaining [6]. The implication of the Cipher Block Chaining can be done on an
individual sector of the dataset instead of the whole volume at once. The implication of the
technology would help in limiting the understanding of the data by any external person. It comes
with the default Windows (Windows Vista or higher), hence, the implication of the BitLocker
would be cost effective for the project.
Nmap: The Nmap works as a security scanning and vulnerability analysis tool and it
helps in forming an overview analysis of the security functions. The implication of the improved
operations would support the deployment of the auditing of the information and network. The
Nmap works as the best encryption VPN tool for protecting the data and information [5]. It
would allow the safeguard of the data from being misused or being fallen into wrong hand. The
Nmap works as an open source port scanner. Since the tool is an open source software, it is
available free of cost for the users. Hence, it can be implied for the project of online ordering
system development for the men’s apparel retail outlet without using any extra costs. The tool
would help in pointing out whether the system is being spied via internet cloud access by
monitoring the open services and ports of the network.
alignment of the security functions for the online ordering system for the retail outlet. The
explanation of the security tools is given below,
BitLocker: The BitLocker works as a protection guard for the online data and
information storage. The bitlocker comes with a full disk encryption for the information posted
on the cloud based internet storage. The BitLocker is available in all latest upgrades of windows
(Windows Vista and higher) and it applies protection on a full scale volume of data for keeping
the information safe [8]. The BitLocker uses AES encryption process and the algorithm is also
similar. The locking method is based on 256 bit or 128 bit keys along with either XTS model or
Cipher Block Chaining [6]. The implication of the Cipher Block Chaining can be done on an
individual sector of the dataset instead of the whole volume at once. The implication of the
technology would help in limiting the understanding of the data by any external person. It comes
with the default Windows (Windows Vista or higher), hence, the implication of the BitLocker
would be cost effective for the project.
Nmap: The Nmap works as a security scanning and vulnerability analysis tool and it
helps in forming an overview analysis of the security functions. The implication of the improved
operations would support the deployment of the auditing of the information and network. The
Nmap works as the best encryption VPN tool for protecting the data and information [5]. It
would allow the safeguard of the data from being misused or being fallen into wrong hand. The
Nmap works as an open source port scanner. Since the tool is an open source software, it is
available free of cost for the users. Hence, it can be implied for the project of online ordering
system development for the men’s apparel retail outlet without using any extra costs. The tool
would help in pointing out whether the system is being spied via internet cloud access by
monitoring the open services and ports of the network.
5SECURITY POLICY DOCUMENTATION
Paros: Paros is the most effective penetration testing tool that would be able to analyse
the web applications based on the Java based web proxy [9]. It can scanner the complete web site
by using the web traffic recorder, hash calculator, and web spider. The tool is most helpful for
the analysis of the vulnerabilities like cross site scripting and SQL injections and compare to it
functions, the cost of the tool is negligible.
Section 3: Information Security Act
The implication of the web based operations for the project of online ordering system
development for the men’s apparel retail outlet would require the organization to abide by the
Australian Laws of Privacy and Cyber Security. The ISO 27002 (ISO, 2015) would act as the
major standard for the development of the cyber security in the organization [11]. The
deployment of the Australian Privacy Principles (APP) would be helpful for aligning the
development of the improved cyber security for the online ordering system. The new APPs are a
portion of the amendments of the 1988’s Privacy Act (Cth) and it has helped in overcoming the
problems for the complexity and confusion for the application of the security [10]. The key
points of the information security act of Privacy Act 1988 (Cth) are,
Breach notification is not mandatory
States and territories would have their own data protection legislation
Following of the commonwealth acts is very crucial
The personal information is identified as the data or information recorded for the
individual who can be indentified reasonably. The sensitive information is basically the
Paros: Paros is the most effective penetration testing tool that would be able to analyse
the web applications based on the Java based web proxy [9]. It can scanner the complete web site
by using the web traffic recorder, hash calculator, and web spider. The tool is most helpful for
the analysis of the vulnerabilities like cross site scripting and SQL injections and compare to it
functions, the cost of the tool is negligible.
Section 3: Information Security Act
The implication of the web based operations for the project of online ordering system
development for the men’s apparel retail outlet would require the organization to abide by the
Australian Laws of Privacy and Cyber Security. The ISO 27002 (ISO, 2015) would act as the
major standard for the development of the cyber security in the organization [11]. The
deployment of the Australian Privacy Principles (APP) would be helpful for aligning the
development of the improved cyber security for the online ordering system. The new APPs are a
portion of the amendments of the 1988’s Privacy Act (Cth) and it has helped in overcoming the
problems for the complexity and confusion for the application of the security [10]. The key
points of the information security act of Privacy Act 1988 (Cth) are,
Breach notification is not mandatory
States and territories would have their own data protection legislation
Following of the commonwealth acts is very crucial
The personal information is identified as the data or information recorded for the
individual who can be indentified reasonably. The sensitive information is basically the
6SECURITY POLICY DOCUMENTATION
information like health records, religious beliefs, sexual orientation, biometric information, racial
information, and genetic information.
Section 4: Security Management Policy
Policy Name: Protective Security Policy Framework
Policy Statement: “The Protective Security Policy Framework (PSPF) applies to non-corporate
Commonwealth entities subject to Public Governance, Performance and Accountability Act 2013
(PGPA Act) to the extent consistent with legislation”[10]
Purpose/Objectives: The security management policy is developed for the alignment of the
effective security measures and listing the alignment of the successive integration of the
operations favouring the alignment of the security measures for the cyber crimes and security
issues. The implication of the protective security policy framework would be aligned with the
implication of the successive development of the operations. The alignment of the security
development had been helpful for the development of the successive implication of the methods
for protecting the data for the analysis of the operations.
Scope: The scope of the protective security policy framework is aligned with the implication of
the security measures for the online ordering system for the men’s apparel retail store. It would
allow the safeguard of the data from being misused or being fallen into wrong hand and can be
implied for the project of online ordering system development for the men’s apparel retail outlet
to help in pointing out whether the system is being spied via internet cloud access by monitoring
the open services and ports of the network.
information like health records, religious beliefs, sexual orientation, biometric information, racial
information, and genetic information.
Section 4: Security Management Policy
Policy Name: Protective Security Policy Framework
Policy Statement: “The Protective Security Policy Framework (PSPF) applies to non-corporate
Commonwealth entities subject to Public Governance, Performance and Accountability Act 2013
(PGPA Act) to the extent consistent with legislation”[10]
Purpose/Objectives: The security management policy is developed for the alignment of the
effective security measures and listing the alignment of the successive integration of the
operations favouring the alignment of the security measures for the cyber crimes and security
issues. The implication of the protective security policy framework would be aligned with the
implication of the successive development of the operations. The alignment of the security
development had been helpful for the development of the successive implication of the methods
for protecting the data for the analysis of the operations.
Scope: The scope of the protective security policy framework is aligned with the implication of
the security measures for the online ordering system for the men’s apparel retail store. It would
allow the safeguard of the data from being misused or being fallen into wrong hand and can be
implied for the project of online ordering system development for the men’s apparel retail outlet
to help in pointing out whether the system is being spied via internet cloud access by monitoring
the open services and ports of the network.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7SECURITY POLICY DOCUMENTATION
Standards: The standards of the protective security policy framework are,
Removal of the duplication of the information for forming a consolidated and simplified
set
Implication of the existing legislative and policy requirements for the online data storage
Application of the new security principles for each of the security functions
New security outcomes must be used for reporting against the entities
Procedures: The procedures of the protective security policy framework are,
a) Applicability to non corporate commonwealth organizations that are subjected to be in
accordance of the Public Governance
b) Inclusion of the Deed of Agreement for the non government organizations
c) State and territory government and agencies have held the classified information of
Commonwealth security
Guidelines: The guidelines of the protective security policy framework are,
Security guidance would help in improving the standard and better practices for the cyber
security
Deliverance of the core requirements along with supporting requirements is advised
Standards: The standards of the protective security policy framework are,
Removal of the duplication of the information for forming a consolidated and simplified
set
Implication of the existing legislative and policy requirements for the online data storage
Application of the new security principles for each of the security functions
New security outcomes must be used for reporting against the entities
Procedures: The procedures of the protective security policy framework are,
a) Applicability to non corporate commonwealth organizations that are subjected to be in
accordance of the Public Governance
b) Inclusion of the Deed of Agreement for the non government organizations
c) State and territory government and agencies have held the classified information of
Commonwealth security
Guidelines: The guidelines of the protective security policy framework are,
Security guidance would help in improving the standard and better practices for the cyber
security
Deliverance of the core requirements along with supporting requirements is advised
8SECURITY POLICY DOCUMENTATION
Bibliography
References
[1]K. Van Assche, M. Duineveld and R. Beunen, "Power and Contingency in Planning",
Environment and Planning A, vol. 46, no. 10, pp. 2385-2400, 2014.
[2]C. Moturi, "Embracing Contingency Planning for University Information Resources", British
Journal of Applied Science & Technology, vol. 4, no. 3, pp. 492-509, 2014.
[3]O. Yoshida and R. Saijo, "3. Transboundary Environmental Co-operation: B. International /
Transboundary Contingency Planning / Emergency Assistance", Yearbook of International
Environmental Law, vol. 24, no. 1, pp. 201-204, 2014.
[4]R. Hager, "Biobanking Operations: Contingency Planning and Disaster Recovery of Research
Samples", BioProcessing Journal, vol. 13, no. 1, pp. 56-58, 2014.
[5]B. Horowitz and D. Lucero, "SYSTEM-AWARE CYBER SECURITY: A SYSTEMS
ENGINEERING APPROACH FOR ENHANCING CYBER SECURITY", INSIGHT, vol. 19,
no. 2, pp. 39-42, 2016.
[6]W. Wilkinson, "Cyber discovery in investigations", Network Security, vol. 2016, no. 1, pp.
15-17, 2016.
[7]M. Wagner, "The hard truth about hardware in cyber-security: it's more important", Network
Security, vol. 2016, no. 12, pp. 16-19, 2016.
[8]M. Hall, "Why people are key to cyber-security", Network Security, vol. 2016, no. 6, pp. 9-10,
2016.
Bibliography
References
[1]K. Van Assche, M. Duineveld and R. Beunen, "Power and Contingency in Planning",
Environment and Planning A, vol. 46, no. 10, pp. 2385-2400, 2014.
[2]C. Moturi, "Embracing Contingency Planning for University Information Resources", British
Journal of Applied Science & Technology, vol. 4, no. 3, pp. 492-509, 2014.
[3]O. Yoshida and R. Saijo, "3. Transboundary Environmental Co-operation: B. International /
Transboundary Contingency Planning / Emergency Assistance", Yearbook of International
Environmental Law, vol. 24, no. 1, pp. 201-204, 2014.
[4]R. Hager, "Biobanking Operations: Contingency Planning and Disaster Recovery of Research
Samples", BioProcessing Journal, vol. 13, no. 1, pp. 56-58, 2014.
[5]B. Horowitz and D. Lucero, "SYSTEM-AWARE CYBER SECURITY: A SYSTEMS
ENGINEERING APPROACH FOR ENHANCING CYBER SECURITY", INSIGHT, vol. 19,
no. 2, pp. 39-42, 2016.
[6]W. Wilkinson, "Cyber discovery in investigations", Network Security, vol. 2016, no. 1, pp.
15-17, 2016.
[7]M. Wagner, "The hard truth about hardware in cyber-security: it's more important", Network
Security, vol. 2016, no. 12, pp. 16-19, 2016.
[8]M. Hall, "Why people are key to cyber-security", Network Security, vol. 2016, no. 6, pp. 9-10,
2016.
9SECURITY POLICY DOCUMENTATION
[9]Y. Storch Rudall, "Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners",
Kybernetes, vol. 41, no. 34, 2012.
[10]"IEEE Cyber Security", IEEE Pervasive Computing, vol. 15, no. 3, pp. c2-c2, 2016.
[11]F. Smith and G. Ingram, "Organising cyber security in Australia and beyond", Australian
Journal of International Affairs, vol. 71, no. 6, pp. 642-660, 2017.
[12]K. Renaud and S. Flowerday, "Human-centred cyber security", Journal of Information
Security and Applications, vol. 34, p. 1, 2017.
[9]Y. Storch Rudall, "Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners",
Kybernetes, vol. 41, no. 34, 2012.
[10]"IEEE Cyber Security", IEEE Pervasive Computing, vol. 15, no. 3, pp. c2-c2, 2016.
[11]F. Smith and G. Ingram, "Organising cyber security in Australia and beyond", Australian
Journal of International Affairs, vol. 71, no. 6, pp. 642-660, 2017.
[12]K. Renaud and S. Flowerday, "Human-centred cyber security", Journal of Information
Security and Applications, vol. 34, p. 1, 2017.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.