BIT361 Major Assessment: Security Management and Governance at PAI

Added on  2025/04/23

BIT361 SECURITY MANAGEMENT AND
GOVERNANCE
MAJOR ASSESSMENT
Student ID:
Student Name:
Contents
Executive Summary
Part A
Benefits and requirement of Security Management and Governance Program
Development
Security Management Program: Functions, Roles and responsibilities
Model/Method for development of a security management program
Legal & statutory requirements and the benefits the formal approach would bring
Conclusion
Reference
Executive Summary
This report covers the development of a security management and governance program to be
implemented for PAI, a software development company based on artificial intelligence.
It provides an understanding of the development methods based on legal and statutory
policies, along with an explanation of the roles and responsibilities of all the individuals in the
organization.
Part A
Benefits and requirement of Security Management and Governance Program
Power AI is a software development company that focuses on the development of systems based
on artificial intelligence to save power generation, storage, and consumption for all sectors,
including business, home, and industry. The services provided by PAI are unique and have
unique source code. The source code contains attached documentation of the designs and
concepts. To ensure the constant growth of the company with its unique solutions, it is
important to ensure the security of its unique designs. PAI has the entire documentation of its
designs and unique concepts attached to the source code, which is at risk of being lost or
reaching competitors. Rivals in the market could use it to develop the same products, and the
company may face a cost disadvantage or information loss worth $3 million. The security
management of the company's intellectual property needs to be upgraded to ensure the
following benefits to PAI:
- It will secure the intellectual property of the company, including the sensitive data of the
  company on cloud and devices.
- It will provide a structured framework for data management, compiled in one place.
- Data security will be constantly updated by changing the operational environment of
  PAI.
- The ICT program will protect the integrity, confidentiality, and availability of the sensitive
  information regarding the products delivered by PAI.
- It increases elasticity against cyber attacks.
- It will reduce the information security cost with increased security layers only for a single
  time (Cybersecurity, 2019).
Development
The security management system of Power AI needs to be updated to secure the
intellectual property of the company, as it defines the uniqueness of the company, its strategies,
and its research on the unique artificial intelligence products that it provides. Recently, Power AI
has been protecting its sensitive information as trade secrets. Through trade sources, the
documentation attached to the source code and the information about the end products are
copyright protected under certain laws, but this is not sufficient for the security of the
intellectual property of the company. The intellectual property needs protection through an IP
protection system. The management structure of Power AI that supports the IP protection system
is identified, the operational security of PAI is reviewed, and cybersecurity is ensured in order to
secure the intellectual property of PAI. Depending on the findings from the management
structure, operational security detection, and cybersecurity, IP security components are drafted,
with certain policies, procedures and processes of the IP security management system, along with
crisis management in case any security breach is found in the system. A sustainable IP security
system is ensured in the security management of PAI by implementing new recommendations to
fill the gaps in the IP security system of PAI. Implementing IP protection will primarily prove to
be a tough task to carry out under the purview of human resources, other departments of PAI and
the legal IT departments. A daily review of social media blogs and posts and of the company's
legal reports can be a measure to detect the risk of leakage of sensitive data related to the R&D
department of PAI (Ahmad et al., 2014).
Security Management Program: Functions, Roles and responsibilities
To secure the intellectual property of PAI, the roles and responsibilities of the
professionals of PAI and the development teams need to be defined to ensure structured work
and an even distribution of work in the development of the IP security management system for PAI.
- Risk Executive Function: To address security risk and strategy development within
  PAI.
- Chief Executive Officer: This role holds the highest responsibility within the
  organization and is responsible for providing commensurate security for its information.
- Chief Information Officer: This role's responsibility is to provide resources for the
  security that supports the mission of PAI.
- Senior Agency Information Security Officer: Management of the IP security program.
- Information Owner: Develops rules for sensitive data protection.
- Senior Agency Official for Privacy: Coordinating, facilitating and supervising the PAI
  security measures.
- Common Control Provider: Supervising the common control links in the organization.
- Other roles supporting security: IT services employees of PAI need to take care of
  information security, as the development work is carried out there on a network
  that works on site (Rhodes-Ousley, 2013).
Model/Method for development of a security management program
- First of all, the functional capabilities of the program and the controls that the software
  will provide for security management need to be defined. This process will lay out what
  actions can be implemented with the software and provide the basic architecture of the
  application.
- After laying out the functionalities, there is a need to ensure that the functions align with
  industry standards and guidelines; this will make sure the program follows all the
  protocols and standards.
- When this process is complete, physical and environmental security needs to be checked,
  and protection and encryption standards need to be established.
- After all of this is covered, the system development phase begins, which includes the
  development of the user interface for the users and lays out the access controls. Proper
  encryption methods need to be applied to ensure that information stays hidden from
  malicious users and attackers (Bojanc et al., 2013).
Legal & statutory requirements and the benefits the formal approach would bring
- C.I.A [Confidentiality, Integrity, and Availability] and A.A.A [Authentication,
  Authorization, and Accountability] are some of the security segments around which the
  security controls are defined. These include confidentiality, integrity, availability, and
  authorization.
- Sessions can be helpful for maintaining the state of the user; this would also ensure
  authorized activity from their side.
- To look at error handling from a security point of view, the level of information that
  would be displayed to each user in particular scenarios should be defined to avoid
  disclosure threats. Failure to achieve this may result in the revelation of sensitive
  information to unauthorized users.
- Configuration drives the application and its features; measures and practices must be
  defined to avoid illicit use of the application configuration by malicious users.
The formal approach would make it easier to integrate the security protocols C.I.A and
A.A.A into the program and would ensure that none of the protocols is missed. It would
ensure the development of a robust program that complies with all the standards
(Hack2secure, 2019).
Conclusion
Part A of this report is based on the implementation of a security management and governance
program for PAI, a software development company based on artificial intelligence. The
report highlighted the benefits of and need for implementing an IP security management system
at PAI, the development process, individual roles and responsibilities, models and methods of
development, and lastly the statutory and legal requirements of the security system.
Reference
Ahmad, A., Bosua, R. and Scheepers, R., 2014. Protecting organizational competitive advantage: A knowledge leakage perspective. Computers & Security, 42, pp.27-39.
Bojanc, R. and Jerman-Blažič, B., 2013. A quantitative model for information-security risk management. Engineering Management Journal, 25(2), pp.25-37.
Hack2secure, 2019. An Introduction To Information Security Roles and Responsibilities. [Online] Available at: https://www.hack2secure.com/blogs/an-introduction-to-information-security-roles-and-responsibilities
Rhodes-Ousley, M., 2013. Information security: the complete reference. McGraw Hill Education.