Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
0Activity
0 of .
Results for:
No results containing your search query
P. 1
Memo

Memo

Ratings: (0)|Views: 1|Likes:
Published by Philemon Mapfumo

More info:

Published by: Philemon Mapfumo on Mar 24, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOCX, PDF, TXT or read online from Scribd
See more
See less

03/24/2011

pdf

text

original

 
Philemon Mapfumo: W1125681 Coursework 1IT Security Awareness [2ITS7H5] March 22, 2010
1
 
Name : Philemon MapfumoStudents ID :W1125681Module : IT Security AwarenessModule Code: 2ITS7H5Module Leader: Gavin ButlerCourse : MSc. IT Security
 
Phil
e
   ¡¢  £   ¤¥¦§     ¡¨©   
1125681
¡§ 
se
¡  
1
   
Sec
§ 
it
y
¤ 
e
¢  
ess[2
   
S7
  
5]
£   ¤ 
c
h
22
 
 
2010
 
2
 
D'Ausecours
 Memorandum
T
o:
Matt Le Blanc, Managing Director
 
F
rom:
Philemon Mapfumo, IT Security Manager 
Date:
March 22, 2010 
Subject 
:
Responsibilities of a Data Security Officer  
I
ntroduction
This is a memorandum is for the attention of the managing director Mr Matt Le Blanc of D¶Ausecours, discussing the duties and responsibilities of a Data Security Officer, the number required for the organisation, how there will be adapted into the organisation, the financial costs,benefits of employing a data security officersand the implications of the mergerof between Deltabaseand D¶Ausecours organisations.
Duties and Responsibilities
The role of a data security officer should not be confined to the protection of information assets butmust include the business physical assets as well (Kovacich, 2003).The main responsibilities of a datasecurity officer are:
y
 
C
reating business relation ships within the organisations
 
Philemon Mapfumo: W1125681 Coursework 1IT Security Awareness [2ITS7H5] March 22, 2010
3
y
 
The ab
ilit
  
 
t
  
eas
il
  
adap
t
 
t
  
change and
t
  
commun
i
ca
t
e
t
o peop
l
e effec
ti
!  
e
l
  
 
y
 
The capab
ilit
#  
of runn
i
ng a
t
eam and be
i
ng performance or 
i
en
t
ed
y
 
E
duca
ti
ng users
i
n secur 
it
$  
awareness(Forch
t
1994)
y
 
S
afeguard
i
ng of 
t
he bo
t
h
t
he phys
i
ca
l
and
l
og
i
ca
l
doma
i
ns and app
l
y
i
ng appropr 
i
a
t
e accesscon
t
ro
l
s
y
 
espons
i
b
l
e for acqu
i
i
ng and manag
i
ng fund
i
ng for secur 
it
y resources.(Kovac
i
ch, 2003).
y
 
I
ns
t
a
lli
ng sound secur 
it
y prac
ti
ses.
y
 
Frequen
tl
y execu
ti
ng secur 
it
y aud
it
s and
t
he r 
i
sk assessmen
t
s (
I
nfosec, 1996).
y
 
M
ak 
i
ng sure
t
ha
t
a
ll
users and a
ll
members of 
I
T suppor 
t
have gone
t
hrough
t
he appropr 
i
a
t
esecur 
it
y c
l
earance.The secur 
it
y off 
i
cer mus
t
d
i
sp
l
ay secur 
it
y awareness regard
l
ess of whe
t
her 
it
s
i
n
t
he phys
i
ca
l
or 
l
og
i
ca
l
 doma
i
n (Forch
t
, 1994).The respons
i
b
iliti
es are var 
i
ed and can
i
nc
l
ude p
l
ann
i
ng, organ
i
s
i
ng,
i
mp
l
emen
ti
ng and hav
i
ng a unders
t
and
i
ng of 
t
he cus
t
omer and
t
he supp
li
er (Kovac
i
ch, 2003).However 
it
 
i
s no
t
 
t
he respons
i
b
ilit
y of 
t
he secur 
it
y off 
i
cer 
t
o perform secur 
it
y func
ti
ons, bu
t
 
t
o makecer 
t
a
i
n
t
ha
t
secur 
it
y effor 
t
s are coord
i
na
t
ed, by ensur 
i
ng
t
ha
t
, po
li
c
i
es, procedures and s
t
andards areupda
t
ed and adhered
t
o(K 
ill
meyer , 2006). The benef 
it
s of 
t
he secur 
it
y off 
i
cer 
t
o an organ
i
sa
ti
onwou
l
d be
t
o, suppor 
t
organ
i
sa
ti
ona
l
requ
i
remen
t
s,
t
o
i
ncrease va
l
ue of 
t
he bus
i
ness asse
t
s and
t
oreduce
t
he r 
i
sks
t
o
t
he curren
t
ne
t
work 
i
nfras
t
ruc
t
ure (Kovac
i
ch, 2003). The da
t
a secur 
it
y off 
i
cer mus
t
 a
l
so ensure
t
ha
t
 
t
he organ
i
sa
ti
on adheres
t
o
l
ega
l
and regu
l
a
t
ory requ
i
remen
t
s
li
ke
t
he Da
t
a Pro
t
ec
ti
onAc
t
of 1998, wh
i
ch ensuresensure
t
ha
t
organ
i
sa
ti
ons co
ll
ec
t
and process cus
t
omer de
t
a
il
s
l
eg
iti
ma
t
e
l
yw
it
hou
t
unnecessar 
il
y d
i
sc
l
os
i
ng persona
l
de
t
a
il
s. Wh
i
ch cou
l
d resu
lt
 
i
n
l
ega
l
ac
ti
on, and
l
oss of bus
i
ness
i
f v
i
o
l
a
t
ed (
I
CO, 2009). The da
t
a secur 
it
y off 
i
cer mus
t
a
l
so ensure
t
ha
t
organ
i
sa
ti
on comp
li
esw
it
h Compu
t
er 
Mi
suse Ac
t
of 1990(OP
SI
, 2009).
I
t
 
i
s compr 
i
sed of 
t
he fo
ll
ow
i
ng 3 compu
t
er offences
:
 
y
 
³U
nau
t
hor 
i
sed use of a compu
t
er resource e.g. da
t
a or program´
y
 
³U
nau
t
hor 
i
sed access
t
o a compu
t
er sys
t
em w
it
h
t
he
i
n
t
en
t
 
t
o comm
it
cr 
i
mes´
y
 
³U
nau
t
hor 
i
sed mod
i
i
ca
ti
on of compu
t
er ma
t
er 
i
a
l
´
I
f any of 
t
he offences are comm
itt
ed. The organ
i
sa
ti
on shou
l
d be ab
l
e
t
o app
l
y
t
he Ac
t
regard
l
ess of whe
t
her 
t
he offence was comm
itt
ed
i
n
t
erna
ll
y w
it
h
i
n
t
he organ
i
sa
ti
on or ex
t
erna
ll
y.
E
ven
t
hough,
t
he
i
nves
ti
ga
ti
on
i
s
t
he respons
i
b
ilit
y of 
l
aw enforcemen
t
.
E
v
i
dence needs
t
o be co
ll
ec
t
ed appropr 
i
a
t
e
l
yfor a prosecu
ti
on
t
o be ach
i
eved. The secur 
it
y off 
i
ce mus
t
ensure
t
ha
t
 
t
he organ
i
sa
ti
on adheres
t
o
t
he

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->