This report gives you the opportunity to research, formulate, develop and document a basic security policy for a specific organization in Australia. Moreover, you are required to analyze, record, resolve security incidents and identify and assess the threats to, and vulnerabilities of the organisation’s networks. This report will use many of the concepts and techniques discussed in this unit throughout the semester.
You will need to either choose from the list of examples of the industries provided below or come up with your own idea for a chosen specific organisation.
a.Banking/Mortgage
b.Hospital/Medical Centre
c.Supermarket
d.Vehicle rental
e.Tourism agency
f.Hotel/Mote
g.School/University
h.Library
i.Aviation operator
j.Property Management
Please discuss your chosen organisation and or ideas with your lecturer before you start your research. You might NOT be allowed to choose the same or similar specific organisation as other student in your class. You should aim at research, develop, and document answers to questions (a.) and (b.) below. Do not copy the examples of information security policies used in class.
(a.)Research, formulate, develop and document a strategic security policy for your chosen organisation based on the nature of the organisation and the stakeholders in the organisation.
(b.)Based on the security policy you have researched, formulated, developed and documented in the item (a.) above, identify and assess the potential threats and vulnerabilities of the company’s network and discuss how such threats and vulnerabilities can be mitigated based on your research.
Information security is the procedure to keep the confidential information extremely safe and secured (Crossler et al. 2013, p. 93). The availability, integrity and privacy of the information are maintained properly with the information security. The various methods like the intrusion detection systems, firewalls as well as vulnerability scanners help to maintain type of security with utmost priority (Andress 2014, p. 3). These above mentioned methods of information security are responsible to provide better efficiency and effectiveness to the products and services of that specific organization.
This report will be providing a detailed image of the information security for the most popular banks in Australia, known as Commonwealth Bank of Australia or CBA. This is one of the oldest banks in Australia and New Zealand and is quite popular for its unique strategies. The report will also demonstrate the strategic security policy of this bank with relevant details. The various threats will be identified and the mitigation techniques will be given properly.
CBA or Commonwealth Bank of Australia is the largest Australian bank and they have been providing several services to the customers in various countries like Australia, Asia, New Zealand, and United Kingdom and even in United States (Commbank.com.au. 2018). Various services related to banking are provided by them. Moreover, the financial services like broking services, funds management, retail banking, superannuation, institutional banking, investments, business banking and various others. The number of employees in this organization is not less than fifty thousand and hence as per a significant recent survey, the total income of the Commonwealth Bank of Australia was around 9.881 billion Australian dollars in the entire year of 2017 (Commbank.com.au. 2018).
The strategic security policy is the document that eventually states the procedure of protection of the organization’s physical as well as information technology assets (Van Deursen, Buchanan & Duff 2013, p. 33). This security policy is also considered as the most important and significant part of an organizational information system. This particular strategic security policy is updated periodically so that the organization does not face any issue related to the information security. The stakeholders of the organization are majorly involved and also have a strong impact on this type of policy. The Commonwealth Bank of Australia has properly divided the list stakeholders to eight sub divisions. These eight divisions are media, regulator or government, community organization or NGO, employees, customers, service providers, investor community and suppliers (Commbank.com.au. 2018). The basic strategic security policy of this particular bank is provided below:
iii) Recognizing the Authenticated Members: The third factor of the strategic security policy for Commonwealth Bank of Australia is the recognizing of all the authenticated and authorized members. The respective sensitive data or information is only accessed by these specific members (Chen, Ramamurthy & Wen 2015, p. 15). The stakeholders of this bank can only access these data and these stakeholders are brokers, agents, customers, service providers, owners, employers and various others.
vii) Proper Actions to the Privacy Complaints: The bank ensures that the customers are getting security to their confidential information. When the client will be complaining about the security issues, this particular organization is responsible for taking proper actions against these complaints and thus all the issues could be mitigated.
iii) Malicious Software: The malicious software is the third popular type of threat or vulnerability for the CBA network. This is also termed as the computer virus that can easily steal the data by entering into the specific system and by replicating itself as many viruses and thus modifying the rest of the computer software within that system.
iii) Mitigation Technique for Malicious Software: Two specific mitigation techniques are present for the purpose of mitigating this particular threat in CBA network. The first is to implement antivirus software in the systems and also taking regular updates from that software. The second technique for mitigating malicious software is by scanning all the emails regularly.
Therefore, from the above discussion, it can be concluded that the information security is the basic procedure for protecting the confidentiality, integrity as well as availability of the information or information assets, irrespective of the fact that they are kept in storage, transmission or processing. The authenticated or authorized users have the legalized access to the basic system, where the hackers do not get the access to such systems. Since, it protects from the intentional and unintentional attacks, most of the organizations have implemented information security in their businesses. The above report has properly outlined the strategic security policy of Commonwealth Bank of Australia with significant details. Moreover, the threats or risks for this company are identified and also the mitigation techniques are provided here.
Ahmad, A., Maynard, S.B. and Shanks, G., 2015. A case analysis of information systems and security incident responses. International Journal of Information Management, 35(6), pp.717-723.
Allam, S., Flowerday, S.V. and Flowerday, E., 2014. Smartphone information security awareness: A victim of operational pressures. Computers & Security, 42, pp.56-65.
Andress, J., 2014. The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
Chen, Y.A.N., Ramamurthy, K.R.A.M. and Wen, K.W., 2015. Impacts of comprehensive information security programs on information security culture. Journal of Computer Information Systems, 55(3), pp.11-19.
Commbank.com.au. 2018. Privacy Policy-CommBank. [online] Available at: https://www.commbank.com.au/content/commbank-neo/security-privacy/general-security/privacy-policy-html-version.html [Accessed 19 Sep. 2018].
Crossler, R.E., Johnston, A.C., Lowry, P.B., Hu, Q., Warkentin, M. and Baskerville, R., 2013. Future directions for behavioral information security research. computers & security, 32, pp.90-101.
Harkins, M., 2013. Managing risk and information security: protect to enable. Apress.
Lee, M.C., 2014. Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method. International Journal of Computer Science & Information Technology, 6(1), p.29.
Ö?ütçü, G., Testik, Ö.M. and Chouseinoglou, O., 2016. Analysis of personal information security behavior and awareness. Computers & Security, 56, pp.83-93.
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Sommestad, T., Karlzén, H. and Hallberg, J., 2015. The sufficiency of the theory of planned behavior for explaining information security policy compliance. Information & Computer Security, 23(2), pp.200-217.
Vacca, J.R. ed., 2013. Managing information security. Elsevier.
Van Deursen, N., Buchanan, W.J. and Duff, A., 2013. Monitoring information security risks within health care. computers & security, 37, pp.31-45.
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers & security, 38, pp.97-102.
Wang, T., Kannan, K.N. and Ulmer, J.R., 2013. The association between the disclosure and the realization of information security risk factors. Information Systems Research, 24(2), pp.201-218.
Zhang, Y., Zhang, L.Y., Zhou, J., Liu, L., Chen, F. and He, X., 2016. A review of compressive sensing in information security field. IEEE access, 4, pp.2507-2519.
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2021). Information Security. Retrieved from https://myassignmenthelp.com/free-samples/isy203-information-security/policy-for-commonwealth-bank.html.
"Information Security." My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/isy203-information-security/policy-for-commonwealth-bank.html.
My Assignment Help (2021) Information Security [Online]. Available from: https://myassignmenthelp.com/free-samples/isy203-information-security/policy-for-commonwealth-bank.html
[Accessed 18 April 2021].
My Assignment Help. 'Information Security' (My Assignment Help, 2021) <https://myassignmenthelp.com/free-samples/isy203-information-security/policy-for-commonwealth-bank.html> accessed 18 April 2021.
My Assignment Help. Information Security [Internet]. My Assignment Help. 2021 [cited 18 April 2021]. Available from: https://myassignmenthelp.com/free-samples/isy203-information-security/policy-for-commonwealth-bank.html.
Students struggling with literature reviews shall no more feel the stress of overcoming the odds. MyAssignmenthelp.com has roped in some of the most diligent academic writers dedicated to compose exemplary literature reviews. So, if you don’t know how to write a literature review, stop panicking and allow us to do the needful instead. We acknowledge the fact that writing literature review papers is no child’s play. So, ask us to “write my paper on various research topics”, and go stress-free.
Answer: Introduction In this modern era, the use of mobile communication and advanced networking is growing rapidly and many consumers are using this technology to transfer data or information from one person to another. The aim of this report is to review the journal article in the field of advanced networking and communication system and understand the views of different researchers. Wireless is an advanced communication technology which is...
Read MoreAnswer: Introduction: Patterns in the program design and in system development are very much important for the present time. Application of the patterns was first used for designing the programs. Now, the patterns are used in the data analysis, system architecture and project management (Bonfè, Fantuzzi and Secchi 2013). Patterns are a part of the Unified Modeling Language which is a commonly occurring reusable piece which can pro...
Read MoreAnswer: Introduction The internet is an open platform which allows its users to share their ideas and content on the platform. Due to its openness and independence, the amount of content shared on the internet is substantial which also include explicit content that is not beneficial for the society (Curran, Fenton & Freedman, 2016). It raises the significance of internet censorship to govern data sharing on the internet in order to ensure...
Read MoreAnswer: Introduction: A file system refers to the different methods as well as the structures of data that are used by the operating system in order to monitor the files and keep a track of the data on a disk partition. It defines the way in which the data and the files a restored on a disk partition[1]. A file system can also be defined as the partition or a disk that is required to store the files of a particular file system. In every ...
Read MoreAnswer: A performance evaluation. EURASIP Journal on Wireless Communications and Networking, 2014(1), p.89. The title of this journal paper is LTE and IEEE 802.11p for vehicular networking: a performance evaluation that was written by Zeeshan Hameed Mir and Fethi Filali in the year 2014. The main objective of this journal is to describe the con concept of LTE and IEE 802.11 and evaluate their performance. In this modern era informa...
Read MoreJust share requirement and get customized Solution.
Orders
Overall Rating
Experts
Our writers make sure that all orders are submitted, prior to the deadline.
Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.
Feel free to contact our assignment writing services any time via phone, email or live chat. If you are unable to calculate word count online, ask our customer executives.
Our writers can provide you professional writing assistance on any subject at any level.
Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.
Get all your documents checked for plagiarism or duplicacy with us.
Get different kinds of essays typed in minutes with clicks.
Calculate your semester grades and cumulative GPa with our GPA Calculator.
Balance any chemical equation in minutes just by entering the formula.
Calculate the number of words and number of pages of all your academic documents.
Our Mission Client Satisfaction
I got a very high mark and I am satisfied with the service provided this time. Thank you!
Australia
It was great. The paper got the details and the information I needed. It was good effort.
Australia
It was good. The assignment provided good details and I got the information I needed.
Australia
GOOD! The tutor is professional, responsible and patient. The reply was timely...................
Australia