Student Records System

Student Records System

Personal Details Course/

Enrollment Academic

Performance Current Grade Achievements Attendance Behavior

Students Update Update Read Read Read Read Read

Lecturers Update Read Update Update Update Update Update

Areas of Challenge during Physical Implementation

When implementing the above-presented controls, certain issues could emerge. First, there could be a need for allowing all the controls to a given user. For instance, lecturers could need to have to update, read and delete authorities for particular events. Besides, there could be a need to limit certain authorities. For example, students could be required to make specific updates on some records. Therefore, the system should be designed and developed to allow the varied levels of controls and authorities.

Information Security Models and Frameworks

Certain similarities exist between the two frameworks. First, both ISO 27002 and the Australian Government Information Security Manual provide vital instructions and guidelines that organizations could adopt to encourage security of their information systems. That is, every organization has the freedom to decide whether or not to embrace the frameworks. Besides, both documents are linked to related articles. Thus, implementation of the frameworks demand the use of related documents. Moreover, development and design of each framework is based on particular predetermined models and standards. Also, both frameworks offer advice and guidelines on how firms could identify and manage potential risks.

However, some differences exist between the two frameworks. First, ISO 27002 offers guidelines on how organizations could initiate, maintain and improve their information security management systems (ISMS). On the other hand, the Australian Government Information Security Manual offers guidelines on how firms could protect their information and systems by embracing four principles that include protect, govern, detect and respond. Besides, ISO 27002 endeavors to encourage availability, integrity and confidentiality of information.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *