IT Security Management and Risk Assessment Procedures
"Explore mechanisms to control organizational IT security, including risk assessment procedures, data protection processes, and physical security analysis in Level 4 IT Systems Management. Understand how to assess and mitigate security risks effectively."
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Level 4 IT Systems Management
IT Security Management LO2 Aims and Objectives LO 2 Understand mechanisms to control organisational IT security: 2.1 Discuss risk assessment procedures 2.2 Evaluate data protection processes and regulations as applicable to an organisation 2.3 Analyse physical security issues for an organisation We will be discussing the following: Risk assessment; potential loss, probability of occurrence; physical security.
Task 1 - Setting Personal Targets 5 mins Set yourself at target that you would like to achieve from this lesson. Extension Task Determine at least 5 overall targets you would like to achieve within this unit. Copy these targets into Padlet when you are next on a computer
Learning Outcomes LO 2 Understand mechanisms to control organisational IT security: 2.1 Discuss risk assessment procedures 2.3 Analyse physical security issues for an organisation.
Probability of Occurrence Risk Probability Setting Probability Critera Very Low Extremely unlikely or virtually impossible Low Low but not impossible Medium Fairly likely to occur High More likely to occur than not Very High Almost certainly will occur
Probability of Occurrence Risk Impact Setting Impact Critera Very Low Likely to have a minor impact in one or a few areas Low Likely to have a minor impact in many areas Medium Likely to have a major impact in one or a few areas High Likely to have a major impact in many areas Very High Likely to have a major impact on the whole organisation.
Organisational Security Procedures Mechanisms Policies Physical Security Security Audits Human resource Issues
Organisational Security Procedures to Cover Data Intellectual Property Hardware and Software
Data What data do we need to protect? And How? Personal information/records identifiable to an individual Physical documents student work- Staff documents e.g resources to teach Invoices / finances MIS Employee info Executive project New Projects
What is Intellectual Property? How can we protect it? Worksheets that I have written for apprentices. Student work Executive decisions Thoughts of the mind Protection Policies Audits Work Contracts
How can we protect hardware? And How? Physical security Audits/random checks Watermarks Smartwater
How can we protect software? And How? Encryption Policies Using tools such as active directory to lock the system down. No use of usb/ which introduce viruses User profile to stop writing to usb Random checks Antivirus Training in order to gain compliance to policies.
