BARANGAY IPIL- 1 INFORMATION SYSTEM

Security Architecture
Action Plan
Summary of Action Plan

The action plan includes assets like credentials, residents data, reports, and papers. The
credentials contain a login module, which is used to authenticate and grant users access to the
Barangay Information System. The digital security risk such as data breaching and unauthorized
access may occur moderately to the credentials, in which case I.T Security would solve the
situation by providing an action plan to address the risk and threats that may occur. Residents'
data contains information that is highly at risk to the insider threats, data leaks, infiltration of the
privacy and misuse of data that can affect the process and functionality of the system which
need to check assets and double up the security such as limit data access (authorized
personnel only). Reports and document assets are unlikely to be at risk to the digital security
because this kind of assets can monitor and proceed the transaction or process that. But
despite the low risk there are still actions that need to be maintained such as system updates,
back ups, and training programs for security.

Purpose of the Action Plan

The action plan for the Barangay Information System for Ipil-1 aims to; Mitigate and
manage digital security risks to the system's assets; Protect the functionality and integrity of the
information system; Encourage a culture of digital security within the barangay. Overall, the
Barangay information system action plan seeks to establish a secure and reliable information
system that safeguards sensitive data, protects residents' privacy, and maintains efficient
system operation, serving as a valuable tool for barangay governance and community
development.

Benefits of the Action Plan in your Organization

The benefits of the action plan include the prevention of necessary security irregularities
or difficulties in the system. This action plan will benefit the organization because they will know
what the risk will be, how they will prevent the risk, the level of risk impact and frequency,
whether it is very high damage or very low risk to handle the risk properly, and what action they
will take on the risk that will occur, allowing them to properly prevent the risk.

If some of this actions failed, what is the next step

If the action fails, the first step will immediately identify the failed action and its
implications to the system. Next, finding information regarding the lack of action, may include
identifying possible vulnerabilities that compromised specific functionalities. Next, retrieve the
residents' data to a secure location with regular backups to ensure data protection. Lastly,
continuous improvement includes upgrading the actions.