Scribd Logo
Upload

Welcome to Scribd!

  • Case Study

    Uploaded by

    Adeel Ahmed
    14 views1 page

    Original Title

    Attachment_1629294397

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views1 page

    Case Study

    Uploaded by

    Adeel Ahmed

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Case Study

    Blackbaud is the world’s largest provider of education administration, fundraising and


    financial management software. In July 2020, it was reported in the media that Blackbaud
    was held to ransom by hackers, this resulted in more than 20 universities and charities in the
    UK, US and Canada have confirmed they are victims of this Cyber-attack. The news further
    mentioned that Blackbaud paid the ransom, although this is not illegal however it was against
    the advice of law enforcement agencies. The correct scale of breach is not confirmed yet,
    however affected UK Universities have reported this incident to UK’s Information
    Commissioner’s Office (ICO).

    After this news, University of Higher Education (UHE), which is a private University located
    in the suburb of London borough of Sutton decided to review its Information Security
    Management System. The University management acknowledge the significance of reliable
    information security to its assets and responsibility to ensure students and staff personal data
    and research data, maintain Confidentiality, Integrity and Availability against cyber security
    attacks. The UHE wants to adopt robust Information Security policy to adhere with legal and
    regulatory compliance and understand that Information Governance can play a vital role in its
    day-to-day operations as it establishes policies, procedures and accountability, which is
    imperative for an effective management lifecycle of student/staff personal data and can
    maximise data privacy and confidentiality.

    You need to develop an information governance policy for UEH and write an accompanying
    report, which provides justification of the risk assessment methodologies and strategy to
    implement strong information governance for the given organisation.

    Task: Justify of the importance of information governance to the organisation based on a


    critical evaluation of the organisational context. This should include risk assessment
    methodologies either qualitative or quantitative. Identify information assets, identify threats,
    vulnerabilities and risks associated with assets.

    You might also like