Articulate the major security risks and legal compliance issues for a Fire and Rescue Service. Identify and justify technical controls for securing remote.

Presentation transcript:

Learning Outcomes
Articulate the major security risks and legal compliance issues for a Fire and Rescue Service.
Identify and justify technical controls for securing remote access and data governance.
Explain the key features of ISO and risk assessment.
Explain key features and requirements for an Information Security culture and suggest activities for developing it.
Identify and outline key policies required and HR processes.

Pre-requisite Knowledge
This scenario is adaptable and the prerequisite knowledge is not essential; some of it may be considered part of the learning outcomes. The following identifies concepts/processes that are required for successful completion of the scenario.
Information Security concepts including:
1. Confidentiality, Integrity, Availability,
2. Information Assets, Threat, Vulnerability, Impact, Likelihood, Risk,
3. Teamwork.

Pre-requisite Knowledge Test
Introduction: The following quiz will test your pre-requisite knowledge.

Turing Hill Fire & Rescue Service
Improve time and efficiency for firefighters
Improve safety through the use of blueprints

Commercial Properties
Stored at the data centre.
Establishes site-specific information for safety and fire risks.
Information comes from a variety of services such as fire officers, and the fire measures already in place.
Provides construction and CAD drawings of the premises.
Updated regularly.

Mobile Data Terminal (MDT)
Allows for offline access to key information and standard operating procedures for the fire type.

Mobile Technologies Interview

New Mobile Technologies
4G LTE
Access to the network will use Microsoft SharePoint.
Allows for real-time access to the data held on the THFRS network.
After consultation with business users, the mobile device selected was the Apple iPad. This was not the preference of the ICT department.

Task - Stage 1
Identify a list of the checks that you need to make for an initial audit. You have some limited experience of ISO27001 in a previous role, and whilst you are not (at this stage) considering certification against the standard, you would like to know how well THFRS’ Information Security Management System (ISMS) aligns with ISO27001 requirements. What are the checks you would make to ensure that there is overall alignment?
Deliverable: A report and presentation addressing all of the above points.

Task - Stage 2
Perform a risk assessment for this system.
1. To identify the threats, vulnerabilities and associated risks with utilising iPads in this way.
2. To propose a set of controls that are cost-effective in mitigating the risks within acceptable limits for THFRS.
3. To identify any potential commercial products that could meet these requirements.
Deliver a report and presentation.

Reflection
It is also important that at the end of the scenario you reflect on your learning and team working and identify what worked well, what didn’t, and actions for future improvement.