Student Records System
Student Records System
Personal Details Course/
Enrollment Academic
Performance Current Grade Achievements Attendance Behavior
Students Update Update Read Read Read Read Read
Lecturers Update Read Update Update Update Update Update
Areas of Challenge during Physical Implementation
When implementing the above-presented controls, certain issues could emerge. First, there could be a need for allowing all the controls to a given user. For instance, lecturers could need to have to update, read and delete authorities for particular events. Besides, there could be a need to limit certain authorities. For example, students could be required to make specific updates on some records. Therefore, the system should be designed and developed to allow the varied levels of controls and authorities.
Information Security Models and Frameworks
Certain similarities exist between the two frameworks. First, both ISO 27002 and the Australian Government Information Security Manual provide vital instructions and guidelines that organizations could adopt to encourage security of their information systems. That is, every organization has the freedom to decide whether or not to embrace the frameworks. Besides, both documents are linked to related articles. Thus, implementation of the frameworks demand the use of related documents. Moreover, development and design of each framework is based on particular predetermined models and standards. Also, both frameworks offer advice and guidelines on how firms could identify and manage potential risks.
However, some differences exist between the two frameworks. First, ISO 27002 offers guidelines on how organizations could initiate, maintain and improve their information security management systems (ISMS). On the other hand, the Australian Government Information Security Manual offers guidelines on how firms could protect their information and systems by embracing four principles that include protect, govern, detect and respond. Besides, ISO 27002 endeavors to encourage availability, integrity and confidentiality of information.
Leave a Reply
Want to join the discussion?Feel free to contribute!