The DAS (Department of the Administrative Service) is responsible for delivering many services for the various departments of the state government in Australia. The data centre of the DAS is the one who is accountable for delivering the services for the department. A new service provider has been introduced to DAS in order to upgrade the existing system named ‘SaaS’ (Software-as-a-Service),
which is a centrally hosting licensed model and software delivery services. A team of two members is being introduced to the management for the delivery of a risk management program, which will be helpful in identifying the threats and risks to the privacy and security of employee’s data, who are employed in DAS. Following report presents a severity matrix in order to show the likelihood, priority and the impact of the identified risks and threats. They are rated based on the consideration.
- Cloud Computing: Cloud computing can lead to various security issues related to the information of the employees that are being saved on the Cloud. Saving files and information on the internet makes it vulnerable to cyber-attacks and data breaches. Considering latest data breaches it can be said that cybercrimes are the real concern for this new digital world.
- Poor configuration:It can be considered as a pre-existing threat that was complete responsibility of the providers and suppliers. Poor configured system can easily be breached by the intruders and could lead to several security issues related to the employees of DAS (Lafuente, 2015). Proper IT team should be appointed before making purchase of computers in order to pre-check the supplies.
- Weak security architecture or non-existing of security architecture:Weak security architecture of the network is another important aspect that can lead expose of personal and sensitive information and alternatively affect the security of the employees and the organization too. There should be updated and always presence of a security architecture for the network that is being used within the organization.