Risk Assessment For Digital Result Distribution System Essay.

Provide the risk assessment that will confirm the circumstance that the data analysis will be done with the help of risk register. 

Remarkable University has been intending on implementing digitization in the field of result declaration system. The major concern of Remarkable University is to increase the efficiency of the result distribution among the students of Remarkable University. During the implementation of digitalized data base, the major concern for Remarkable University was the security related issues that are present in the course of data management proper transcription of the security processes are implemented and software that are implemented. For implementing security framework in the processing of the database proper implementation of the hardware and software   For increasing the robustness of the platform of the result providing system ensures that the data management is done with the help security measures must be implemented and this is the sole reason that the security planning finds its importance in the way of accomplishment of the project. This paper will start with providing the scope of the project, which will take into consideration the scenario analysis and this will also help in understanding the goal of the project that is to be completed. This report will also provide the risk assessment that will confirm the circumstance that the data analysis will be done with the help of risk register. Risk assessment that is present in the course of data management will also help in understanding the progression of the data management and will help in understanding the risks that might approach the framework of the digital result providing system. This report will also state the security strategies that must be implemented in order to mitigate the security and privacy related risks. This report will also help in procuring the processing’s that will ensure that the data that are existing in the database of the system stays protected from the imposters, guiding to the circumstance that the data administration will be completed with highest efficiency. This paper will also deliver the residual risks that are existing in the progress of the data management in the processing of result distribution in a digital stage. This paper will also deliver a detailing of the resources that will be prerequisite for the accomplishment of the project. This report will also provide the basic drills that will be required for completion of the training of the employees who will be in charge of handling the security issues of data base.

Providing proper security to the networking system acts as the main scope of the project. Deployment of the security measures are one of the major scope of this project. This project includes the methodologies that must be deployed for the mitigating risks that might arise on the processing of the data managing in the data base of the digital platform. These are considered too be the major scope of the project. Residual scope pf the project is that this report will focus on the problems that might arise due to non-robust platform. This is the because of that the executing of the data management is also taken into consideration as the processing of the data will be proving the security measures that must be taken in order to keep the platform protected.

Scope of the Project

Performing Risk assessment includes the terminologies that directly affects the executing of the data management. This is due to the circumstance that the data management that is executed taking into consideration of the terminologies namely User Authentication, Access Control, Server Security and Software security (Gouhar, 2017). Hence discussing the risks that are present in the processing of these methodologies will be completed with better and distinctive understanding of the security related issues that are present in the processing of the data handling. 

User Authentication: User authentication plays a huge role in the completion of the mission with proper security. In case there is no proper user authentication, the users whose data are present in the course of the platform, they face a severe security issue. This is due to the circumstance that the data prosecution will be completed with the assistance of loop holes that are present in the data centre of the business. This leads to the fact that the data handling gets affected in a negative way. The imposters who are present in the data networking platform ensures the fact that the data projection gets better with the assistance of the organization of the loop holes that are existing in the networking system of the database. In case authentication security is not present in the course of the data administration and no proper authentication is provided in the data base, the frauds can effortlessly gain entry to the data that are present in the system that is created by the Remarkable University (Li, 2014). This fact that the imposters can harm the students of Remarkable University, leading to the fact that the data that are grades that are stored in the data base are manipulated by the imposters. In case a student fails in the exam and the same gets published in their portal that is present in the framework of Remarkable University. In case the student that has failed wants to commit unfair means for passing the exams, they can gain access of the portal illegally and change the grades that are present in the processing, leading to the circumstance that the data that are present in the course of result providing stage is changed and the student that has failed passes the exam without prior deserving results

Access Control: Access control is also one of the major factor that will include the processing of the data centre with utmost efficiency. This is due to the fact that the controlling the access regarding the portal that is created by the Remarkable University that will make the portal robust in nature. In case the portal that is created by the database is not robust in nature, personnel’s who are not allowed to gain entry to the records that are stored in the data base gains access and the data that are existing in the database can be modulated, leading to the circumstance that the information that are authenticated in nature gets distorted and this is the main cause that executing of the access must be maintained. In case an imposter gets access to the control of the data centre, the processing of the portal is completely dependent on the persons that access the data centre. In case the personnel that are unauthenticated in nature gets access to the data that are present in the portal of the Remarkable University. This leads to the circumstance that the information that are present in the system gets altered without any proper authentication. This is the reason that access control is one of the major reasons of prosecuting the data centre. A reference must be built for better prosecution of the data centre. This leads to the fact that the information that are present in the database that are present in the portal. This is the reason that access control must be present in the portal managing of the data centre of the Remarkable University (Yang, Zhang & Xie, 2013).

Security Concerns

Server Security Server security is one of the most important aspect of the keeping the data safe and secured. This is due to the fact that the information that are existing in the server can be retrieved by the imposters, leading to the fact that the authenticated users might face difficulties in operating the server and this might lead to the fact that the data processing might be done with highest efficiency. This will lead to the fact that the servers gets accessed by the imposters. In case a server is accessed by the imposters who are not authorized to gain admittance to the information that are existing in the course of data management (Baca, Petersen & Lundberg, 2014).  This will include the methodologies that will procure the statistic that the data management will be completed with utmost proficiency and after completion of the analysis of the loop holes that are present in the servers are used in a negative sense, leading to the statistic that the data management will be completed more professionally by the imposters as they will be well aware of the loop holes that are present in the server and they can attacked using the weak points that are present in the course of accomplishment of the project. This is the sole goal that the server security acts as one of the major part in the processing of completion of data management. This is the only reason that the data interpretation is done using the server of the communication platform that is targeted for completion of a security glitch related projects that are performed by the imposters (Hoekstra & Del Cuvillo, 2014).

Software security: Software security acts as one of the main problems that are existing in the portal system that is created by the Remarkable University for completion the online gradation system. This is due to the fact that the platform that is being used for the accomplishment of the project stays secured and the information that are existing in the data base stays secured in nature. In case the software is secured, the major advantage that a personnel will enjoy is that the executing of data management will be completed with utmost efficiency. This leads to the fact imposters cannot access the information that is present in the data base as he cannot operate the software due to authentication problems. This is one of the main reasons that lead to the prosecution of data that are existing in the database. In case the software is not secured in nature, the major aspect that is present in the course of the data management will lose its proficiency and the imposter will easily get through the software (Baca, Petersen & Lundberg, 2014). Only if the software is protected with proper authentication, the imposter cannot go through the wall and this is the only reason that the data processing efficiency will be maintained. Software security acts as the filtering stage, this leads to the circumstance that the data that are present in the database stays protected. Another problem that the organization will be facing in completion of their project after the procuring of security barrier that are present in the data base. This is the only reason that the information that are present in the portal, leading to the fact that the data present in the data base stays protected and this will safeguard the data that are present in the database stays protected with proper filtering of the imposters that can approach the data base of the system.

Risk Assessment

Input Values

Cost benefit analysis

From the above Cost benefit analysis, it can be stated that it takes a minimum of 2 years to earn back the amount that is invested in building the digital gradation system due to security issues that are present in the development of data management. This guides to the fact that the data management must be performed with utmost efficiency for better and proper acknowledgement of the data centre. Major strategic implementations that are to be made for completion of the data management are as follows: -

• User authentication and Access control: User authentication and access control leads to the fact that the users who want to get admittance to the information that are present in the database needs to have a proper password setting, guiding to the detail that the data management that is to be performed is completed with utmost efficiency. The access control of the imposters can also be set by providing proper robust password before entering the data base.This is one of the major procedure that is implemented for proper maintaining of the robustness of the business data base (Hu & Scarfone, 2014).
• Server Security:the information that it contains is regarding the database of the personnel’s who are indirectly contacted. Information of grades of the students will also be present. Server security runs on Loc k /tmp, /var/tmp, and /dev/shm partitions. The base of this application runs on LINUX. Administrators of the data base have access over the entire server, leading to the detail that the data management is processed with greatest effectiveness. The administrator will be having an open access and the students of Remarkable University will be having a structured and restricted. The users will be requiring passwords to enter the portal. Higher authorities of Remarkable University. Entire control of the system lies in the hand of the higher authorities, leading to the fact that the data processing is managed with proper completion (Pathan, A. S. K. (Ed.). (2016).
• Software security System:Software security system is one of the most important aspect that is taken under consideration, guiding to the fact that the data that are stored in the database stays protected. Kee Pass software is used for the prosecution of database and this guide to the fact that the data management of the system. This is the main cause that this prosecution of the process is maintained.
• Network Perimeter Security system: Firewall installation is one of the major issues that are the major factors that are needed for the execution of the data management. This leads to the statistic that the data management of the entire processing is maintained with utmost efficiency. In bound firewall must be implemented in order to complete the processing of data management. This is due to the point that the data that are incoming in nature van be tracked in a proper way and this includes the fact that the data management of the entire system that is related to the processing of the safety of the data that are present in the database. As the information that are existing in the networking database stays protected and the data that acts as the input is the sole requirement in this project. Hence proper data management will be processed with the grades that are inputted by the teachers (Wei & Mason, 2014)
• End User PC security:End User PC security acts as one of the main security procedure as the data management that is processed is cultivated in terms of the users as well. This guides to the fact that the statistics that are accessed by the students with their portals can be hampered, leading to the point that the data management will be done with the assistance of the data management (Ridker, 2016).

Residual risks are termed as the risks that are existing in the sequence of the data management after completion of risk mitigation techniques (Shropshire, Warkentin & Sharma, 2015). This guides to the statistic that the data management is procured in the processing of data management and this leads to the fact that the risks that are not mitigated even after implementation of risk mitigation are taken into consideration in this risk mitigation technique. Major residual risks that are present in the course of the completion of the on line grading system that is initiated by Remarkable university are as follows: -

• Identification issues: Identification issue will be acting as a serious problem as the data that are existent in the database can only be retrieved by the authenticated users. This leads to the fact that the data management that is performed with the help of the proper authentication of the user might fire back and the genuine client might face problem in accessing their own portal (Solorio & Fung, 2014). Likeliness of occurrence of these risks are not much high as these risks will occur only when there are some technical issues in the portal. The impact that is created on the projection of the data management is not very as the data which are present in  the database are not altered, guiding to the fact that the information that are kept in the database stays in the database without any prior change.
• Technical Issues: It is very obvious that whenever a digital platform is created technical glitches will be present in the course if the data management of the application and this is the only cause that the residual risks arises. This leads to the statement that the data management will always be at risk. In case there are problems regarding the technical glitches, the main prospect will be to start the processing of data management (Jagadish & Shahabi, 2014). The likeliness of happening of Technical issues are very low as the technical terminologies are initially tested with all kinds of testing methodologies, leading to the statistic that the data management is done with supreme effectiveness. Despite all the testing that is done in the course of testing, the impact of this technical issues will be very high as the imposters will look for the loop holes and the projection of the data management will be done. This is one of the main motive that the projection of the data management will be done with least efficiency and the imposter will affect the data that are present in the database [2].
• Log In issues:  In case the system’s password is changed but not updated in the portal system, the data base of the organization gets stored in the devices that are not used in regular interval. This guides to the detail that the data management will be done with no robustness. This will lead to the point that the data management of the log in issue will be increasing in a daily basis and this will lead to the detail that the data management will be affected in a negative way (Bhoraskar & Wetherall, 2014, August)

Implementation of tools that are required for implementation of security in the online grading system of Remarkable University are as follows: -

• SAST: in case of implementing the Static Security Testing tool, the major concern that the tool focuses on is the transcription of the binary code vulnerabilities and the data management. This is a software based tool that is used for securing the data base from illegal access of the intruders. This leads to the fact that the information that are kept in the data base of the system stays secured and this is the main reason that the procurement of the data analysis is performed with utmost efficiency (?isar & ?isar, 2016, November).  
• DAST: Dynamicapplication security testing tools acts as the human tester and is physically present in the system of the controlling system. This helps in processing of the codes that are used in the data base.
• RASP: Runtime application self-protectionis a new age technology that ensures the detail that the data termination is performed with greatest proficiency. This is the purpose that the procurement of the data managing is completed with highest efficiency. This guides to the fact that the data management is completed with proper arrangement that is current in the prosecution of the data management [1].
• SCA: Software composition analysis tool finds its usage in identifying the 3^rdparty access mediums. This guides to the statistic that the data management that is completed with the help of the data management and this is the main advantage of this tool as the data processing of this tool helps in tracking the source of misconduct and this also helps in identifying the imposter (Pearson, 2014).

For this case the system maintenance is required because by the maintenance process the organization can improve the total security system, efficiency and productivity of the organization. Also, it is mandatory for the IT systems to maintain it regularly. Without proper maintenance the system will fail to give proper output. This type of maintenance are done by some professionals manually. Often, this maintenance are done poorly which lead the whole system to the failure. Beside that many times this maintenance performed on after the schedule time. This also make the system weak. In such cases automation technology can be used. In this technology the system will automatically throw an alert for the maintenance schedule (Lowry & Moody, 2015). By analysing of the alert type the administration can perform a proper maintenance of the system. The basic type of maintaining activity are the:

• Removing the unwanted software from the system and making it cleans as possible.
• Upgrading a firmware timely is a good solution for the organization to secure the system.
• Virus definition system always need to up to date. This is a critical condition for every organization.
• The new software need to roll out timely for efficient working process.
• Also replacing the hardware part timely is required to avoid the data failure.
• Manual backup need to done periodically to verify the data integrity.

With that the main benefits of the automation technology is that:

• The automation technology helps to protect the critical software of the organization. By protecting the software the organization can remove the vulnerabilities from the software.
• The maintenance can provide excellent level of security which can protect the core applications from the external security threats (Fierke, 2015).
• This automation process can help the systems to run at the optimal level of the configuration. By running at the optimal level the organization can provide excellent efficiency to the organization.

Conclusion

From the above report it can be concluded that Remarkable University is planning to implement a grading system that will be digitized in nature. Remarkable University wants to shift their focus from manual provisioning of results to digital procurement of the results. Digital platform of result provisioning brings several advantages but the major disadvantage that is existing in the course of completion of this project efficiently is that the security glitches which is existing in the commencing of the project. This is the sole reason that the Remarkable University is bothered about the security problems that may be affecting the goodwill of the University md the privacy regarding the data of the students will be affected in a negative way. This is the major reason that the completion of the project will require implementation of security plans and this is the major reason that leads to efficient completion of the project. Another major reason of implementing the project security plan is to keep the data of students secured and this is the only reason that includes the fact that the completion of the project management is done with highest robustness. 

References

[1] Griffith Information Security Policy: https://policies.griffith.edu.au/pdf/Information Security Policy.pdf

[2] Griffith Information Security Policy Schedule: https://policies.griffith.edu.au/pdf/InformationSecurity-Policy-Schedule-A-Roles-Standards-Operational-Procedures.pdf

Apel, S., Kästner, C., & Lengauer, C. (2013). Language-independent and automated software composition: The FeatureHouse experience. IEEE Transactions on Software Engineering, 39(1), 63-79.

Arachchilage, N. A. G., & Love, S. (2014). Security awareness of computer users: A phishing threat avoidance perspective. Computers in Human Behavior, 38, 304-312.

Baca, D., Petersen, K., & Lundberg, L. (2014). Improving software security with static automated code analysis in an industry setting. Software: Practice and Experience, 43(3), 259-279.

Becker, R., Gray, W., & Marvakov, J. (2013). Nber-ces manufacturing industry database: Technical notes. NBER Working Paper, 5809.

Bhoraskar, R., & Wetherall, D. (2014, August). Brahmastra: Driving Apps to Test the Security of Third-Party Components. In USENIX Security Symposium (pp. 1021-1036).

Bilal, K., Manzano, M., Khan, S. U., Calle, E., Li, K., & Zomaya, A. Y. (2013). On the characterization of the structural robustness of data center networks. IEEE Transactions on Cloud Computing, 1(1), 1-1.

?isar, P., & ?isar, S. M. (2016, November). The framework of runtime application self-protection technology. In Computational Intelligence and Informatics (CINTI), 2016 IEEE 17th International Symposium on (pp. 000081-000086). IEEE.

Dukes, L., Yuan, X., & Akowuah, F. (2013, April). A case study on web application security testing with tools and manual testing. In Southeastcon, 2013 Proceedings of IEEE (pp. 1-6). IEEE.

Fierke, K. M. (2015). Critical approaches to international security. John Wiley & Sons.