Assignment 3 answers Essay

2393 Words Nov 12th, 2014 10 Pages
Security Management Advanced Assignment 3
Answers

Question 1 (Weighting: 10)
Explain how the risk to personnel security can be reduced and how personnel can be monitored without infringing their rights. Give an example of how an organisation might ensure that employees are not at risk, and explain how one would obtain a 'CRB' check.

Personal Security is a prime concern for most employers. By ensuring personal security is acute, other aspects of security for the asset will be enhanced. For instance, my current employer can and does, monitor both my work emails and blackberry, this was clearly stated in my contract and is a basic security enhancement.

Other areas that the employer can instigate could be:
1. Web monitoring service with
…show more content…
Risk Management is the identification, assessment and prioritization of risks that could have a detrimental effect on the organisation or asset and the best ways in which to AVOID these risks.

Crisis Management is situation based and is designed to clearly set out how the organisation or asset would respond to an incident, which department is responsible for which area and the overall management of the crisis from ground level to media release, to both limit the physical damage (property, equipment and life) and also the reputation and name of the organisation. During Risk management we look into probability of likelihood, therefore, any areas that have been initially identified with a high probability of risk are dealt with first, while those of a lower probability are dealt with last. The risks are then measured by means of control points, be it physical or procedural.

Example

The asset has been awarded a high profile contract to safe guard sensitive information on secure systems for a governmental organisation.

The probability and likelihood of a cyber attack on the system is deemed as HIGH and it is also assessed that the likelihood of an attack on the system from within the organisation is HIGH. The asset has taken all necessary precautions to safe guard this information in line with the Data Protection Act and all personnel who have access to this information have been thoroughly screened and vetted.

However, a large

Related Documents