The Department of Administrative Services (DAS) provides a number of services to other departments in an Australian State Government. These services include HR and personnel management, payroll, contract tendering management, contractor management, and procurement. These services have all been provided from the Department’s own data centres.
As a result of a change in Government policy, DAS is moving to a “Shared Services” approach. This approach will mean that DAS will centralise a number of services for the whole of Government (WofG). The result of this move will be that each Department or Agency that runs one of these services for its own users, will be required to migrate its data to DAS so that it can be consolidated into one of the DAS centralised databases. DAS will then provide these consolidated services to all other Departments and Agencies within the Government.
Another Government policy mandates a “Cloud first” approach to the process of updating or acquiring software or services. Following these strategic policy changes from Government, DAS has decided to:
Tasks
After your successful engagement to provide a security and privacy risk assessment for the DAS, you have again been engaged to consider some additional questions that DAS management has raised.
Prepare a presentation for DAS Management using the TRA you recently completed on the security and privacy of employee data. Your presentation is to show:
Your presentation is to be completed in either PowerPoint or Google slides. Your presentation must not exceed 25 slides of content.
Your presentation should highlight the significant points of your argument, but you should include the detail in the speaking notes section of your slides.
This assessment task will assess the following learning outcome/s:
back to topQuestionsHDDICRPSFLQ1. Does the operational solution and locations affect DAS security (20 marks)Comprehensive exploration of the use of SaaS and given locations affect the existing security of data that includes well considered and argued reasoning
Thorough exploration of the use of SaaS and given locations affect the existing security of data that includes good reasoning
Detailed exploration of the use of SaaS and given locations affect the existing security of data that includes some good reasoning
Adequate exploration of the use of SaaS and given locations affect the existing security of data that includes some reasoning
Incomplete or irrelevant exploration of the use of SaaS and given locations affect the existing security of data that includes little or no reasoning
Q2. Does the operational solution and locations increase or mitigate threats and risks to DAS security (20 marks)Comprehensive discussion of how this solution and its locations will increase or mitigate threats and risks to security of DAS that includes well considered and argued reasoningThorough discussion of how this solution and its locations will increase or mitigate threats and risks to security of DAS that includes good reasoningDetailed discussion of how this solution and its locations will increase or mitigate threats and risks to security of DAS that includes some good reasoningAdequate discussion of how this solution and its locations will increase or mitigate threats and risks to security of DAS that includes some reasoningIncomplete or irrelevant discussion of how this solution and its locations will increase or mitigate threats and risks to security of DAS that includes little or no reasoningQ3. Implications for DAS of data processing location (20 marks)Comprehensive discussion of the security and privacy implications for DAS of the chosen data processing location that includes well considered and argued reasoningThorough discussion of the security and privacy implications for DAS of the chosen data processing location that includes good reasoningDetailed discussion of the security and privacy implications for DAS of the chosen data processing location that some good reasoningAdequate discussion of the security and privacy implications for DAS of the chosen data processing location that includes some reasoningIncomplete or inadequate discussion of the security and privacy implications for DAS of the chosen data processing location that includes little or no reasoningQ4. Issues of data sensitivity (20 marks)Comprehensive exploration of data sensitivity issues that includes well thought out reasoningThorough exploration of data sensitivity issues that includes good reasoningDetailed exploration of data sensitivity issues that includes some good reasoningAdequate exploration of data sensitivity issues that includes some reasoningInadequate or incomplete exploration of data sensitivity issues that includes little or no reasoningQ5. Issues of data sovereignty (20 marks)Comprehensive exploration of data sovereignty issues that includes well thought out reasoningThorough exploration of data sovereignty issues that includes good reasoningDetailed exploration of data sovereignty issues that includes some good reasoningAdequate exploration of data sovereignty issues that includes some reasoningInadequate or incomplete exploration of data sovereignty issues that includes little or no reasoningReferencing & Presentation
Up to 5 marks can be deducted for incorrect or incomplete referencing Up to 5 marks may be deducted for poor presentation, spelling and grammar
Your presentation is to be completed in either PowerPoint or Google slides. Your presentation must not exceed 30 slides of content.
Your presentation should highlight the significant points of your argument, but you should include the detail in the speaking notes section of your slides.