SlideShare a Scribd company logo

ITS 834 Emerging Threats Paper

Download as DOCX, PDF
V
vrickens

The document provides instructions for a research paper assignment on cyber warfare and its implications for the United States. It outlines requirements such as the topic, minimum length of 10 double-spaced pages, required sources including a specific journal article, components like an introduction and conclusion, and the grading rubric. Students must submit the paper by the due date of July 29 and it will be checked for plagiarism using SafeAssignment.

Education
1 of 28
ITS 834 Emerging Threats and Countermeasures Total points - 100 Midterm Research Paper- The paper is due on end of day Monday July 29 Write a research paper on the topic Cyber warfare and its implications for the United States Your research paper should be minimally 10 pages (double spaced, Font - Georgia with font size 12). The research paper needs to refer to the following source · Kostyuk, N., and Zhukov., M., Y. (2019). Invisible Digital Front: Can Cyber Attacks Shape Battlefield Events? Journal of Conflict Resolution, 63(2)., 317-347. (pfd version of paper is uploaded to module 4 in d2l). · In addition you need to have at least 5 peer reviewed journal/book references The research needs to minimally discuss the following · The relevance of cyber warfare for the United States · What are some examples of possible cyber warfare scenarios where critical infrastructure could be affected · Emerging technologies that can be used for cyber warfare · What does Kostyuk and Zhukov (2019) address mainly in their paper? Do you agree with Kostyuk and Zhukov (2019) that cyber-attacks are ineffective as a tool of coercion in war. Ensure to explain why or why not. · Future implications of cyber warfare for the United States The bibliography should be included as a separate page and is not part of the 10 page requirement. Student assignments will be run through Safe Assignment. Please ensure to check the safe assignment result prior to submitting. You will have the chance to submit your assignment up to two times. So please submit earlier than the due date so you can check your safe assign score. If your safe assign score is more
than 10 percent, you need to check your paper and make any needed updates and submit again. Text that are copied directly from outside sources without being in quotes is considered plagiarism. Please refer to the University’s academic integrity policy. If there is text in your paper from outside sources that are not referenced and in quotes, you will not receive a grade for the assignment and will be referred to the department. http://cumberland.smartcatalogiq.com/en/2017-2018/2017-2018- Undergraduate-Catalog/Academic-Affairs/Academic-Integrity- Policy The university of Cumberland library can be assessed at https://www.ucumberlands.edu/library The research paper should include the following components. · Title Page (Not part of the minimum 10 page requirement) · Abstract (quick overview in your own words of the entire content of your paper, limited to 200-350 words) · Introduction (1-2 pages, relevance of cyber warfare for the U.S, example, possible scenarios_ · Literature Review (2-4 pages, describes the research papers that you find in reference to the topic of cyber warfare, emerging technologies that can be used, the impact of cyber warfare) · Discussion (2-3 pages) – (Your perspective on the topic of cyber warfare, implications for the U.S, critical perspectives and/or recommendations) · Conclusion (1-2 paragraphs, This provides a final summary of your research paper) · Bibliography in APA format The following rubric will be used to grade your assessment Evaluation Parameters Percentage Weight Did the student respond to the research topic 20 Did the student conduct sufficient literature review of the topic
20 Did the student provide relevant examples to support viewpoints 20 Did the student meet the content requirements of the assignment and discuss the key points identified in the question 20 Did the student provide a critical perspective on the topic 10 Did the student create a professional, well-developed report with proper grammar, spelling, punctuation and APA formatting 10 Total 100% Please refer to the following for APA guidelines https://owl.purdue.edu/owl/research_and_citation/apa_style/apa _formatting_and_style_guide/general_format.html Information Governance Checklist and Privacy Impact Assessments Authorship: <Your name> – Information Governance Manager Committee Approved: Quality and Clinical Governance Committee Approved date:
Review Date: Target Audience: All Staff Policy Reference No: Today’s date-sequence number i.e. 2019-07-08-00 Version Number: 0.1 Business Critical data Yes Business Critical System Yes 10 Contents Introduction 4 Responsibilities 4 Information Governance Checklist 4 Privacy Impact Assessment 5 ANNEX A - INFORMATION GOVERNANCE CHECKLIST 6 ANNEX B - Privacy Impact Assessment Proforma 7 Section A: New/Change of System/Project General Details 8 Section B Privacy Impact Assessment Key Questions 10 Evaluation 15 Appendix – Glossary of Terms 18 STANDARD AMENDMENTS Amendments to the Standard will be issued from time to time. A new amendment history will be issued with each change. New Version Number
Issued by Nature of Amendment Approved by & Date Date on Intranet 0.1 <your name> First draft for comments NR Introduction The CCG needs to ensure that it remains compliant with legislation and NHS requirements such as the Information Governance Toolkit with its use of Personal Confidential Information. The Information Governance Checklist and Privacy Impact Assessments (PIA) have been developed to provide an
assessment when new services are started or new information processing systems are introduced. Responsibilities Policy review and maintenance Information Governance, Security & Compliance Manager Approval CSU Executive Management Team Adoption All manager, staff and contractors Responsibility for ensuring that Information Governance Checklists and Privacy Impact Assessments are completed, where required, resides with all Service Managers and Directorate Heads. Line Managers are responsible for ensuring that their permanent and temporary staff and contractors are aware of the Information Governance Checklist and Privacy Impact Assessment process. On a day-to-day basis staff of all levels that are introducing a new system be it electronic or paper based, should use this document to ensure that processing remains compliant with current legislation. Information Governance Checklist The Information Governance Checklist provides short initial assessment which should be completed at an early stage of any project or service redesign to identify stakeholders, make an initial assessment of privacy risk and decide if a Privacy Impact Assessment is necessary as not all project or changes to services would require one. A copy of the IGC form can be found at Appendix A Privacy Impact Assessment A PIA is a process which helps assess privacy risks to individuals in the collection, use and disclosure of information.
PIAs help identify privacy risks, foresee problems and bring forward solutions. A PIA is necessary to identify and manage risks; to avoid unnecessary costs; to avoid inadequate solutions to privacy risks; to avoid loss of trust and reputation; to inform the organisation’s communication strategy and to meet or exceed legal requirements. There is no statutory requirement for any organisation to complete a PIA, however, central government departments have been instructed to complete PIAs by the Cabinet Office. The overall PIA process is operated under the supervision of the Information Commissioners Office (ICO) who is responsible for the production of guidance materials. Is a PIA required for every project? Not every project will require a PIA. The ICO envisages PIAs being used only where a project is of such a wide scope, or will use personal information of such a nature, that there would be genuine risks to the privacy of the individual. PIAs will usually be recommended where a change of the law will be required, new and intrusive technology is being used, or where private or sensitive information which was originally collected for a limited purpose is going to be reused in a new and unexpected way. The IGC will help determine if a PIA is required and if so which of the two options will be suitable. Why should I do a PIA? To identify privacy risks to individuals; To identify privacy and Data Protection compliance liabilities; To protect the organisations reputation; To instil public trust and confidence in your project/product; To avoid expensive, inadequate “bolt- on” solutions; and To inform your communications strategy. Following completion of the IGC it may be decided that a PIA is going to be required. There are two types of PIA, a small scale and a full scale. Where it is thought that a PIA is needed the small scale form, located at Appendix B, will be used and submitted to the Information Governance Team who can assess the small scale form completed and advise on whether a full
scale PIA needs to be completed. When should I start a PIA? PIAs are most effective when they are started at an early stage of a project, when: · the project is being designed; · you know what you want to do; · you know how you want to do it; and · you know who else is involved. But it must be completed before: · decisions are set in stone; · you have procured systems; · you have signed contracts/ MOUs/agreements; and · while you can still change your mind! ANNEX A - Information Governance Checklist Name of Project or Service Change Lead Project Manager Does project involve processing of Personal Confidential Data (PCD)? If yes how many records will be involved? What is the purpose of the processing? Which organisations and customers are involved? Give an indication of the timescale for the project? This IGC must be completed by all projects and significant changes to service at the start or early stage of a project. Please complete all questions with as much detail as possible and return the completed from to:<your name> Information Governance, Security & Compliance Manager
<your email> ANNEX B - Privacy Impact Assessment Proforma This document must be completed for any new / or change in service which plans to utilise personal confidential information. It must be completed as soon as the new service / or change is identified by the Project Manager / System Manager or Information Asset Owner. This process is a mandated requirement on the Information Governance Toolkit to ensure that privacy concerns have been considered and actioned to ensure the security and confidentiality of the personal identifiable information. There are 2 types of Privacy Impact Assessments – a small scale and full scale. This proforma is based on the Small Scale PIA. Following completion of this proforma, it may be necessary to conduct a Full Scale PIA. Full details are available in the Information Commissioner’s handbook:- http://www.ico.org.uk/pia_handbook_html_v2/html/0- advice.html Privacy Law compliance checks and Data Protection Act compliance checks are part of the PIA process – the questions to assess this are included in the proforma. Please complete all questions with as much detail as possible and return the completed from to:<your name> Information Governance, Security & Compliance Manager <your email address> Further guidance on specific items can be found on the Information Commissioner’s website. <your email address> Use scenario to complete the belowSection A: New/Change of System/Project General Details Name: Objective:
Background: Why is the new system / change in system required? Is there an approved business case? Benefits: Constraints: Relationships: (for example, with other Trust’s, organisations) Quality expectations: Cross reference to other projects: Project Manager: Name: Title: Department: Telephone: Email
Information Asset Owner: (All systems/assets must have an Information Asset Owner (IAO). IAO’s are normally the Heads of Departments and report to the SIRO) Name: Title: Department: Telephone: Email Information Asset Administrator: (All systems / assets must have an Information Asset Administrator (IAA) who reports the IAO as stated above. IAA’s are normally System Managers / Project Leads) Name: Title: Department:
Telephone: Email Deputy Information Asset Administrator: (It is necessary that there is a deputy in place for when the IAA is absent from the workplace for whatever reason) Name: Title: Department: Telephone: Email Customers and stakeholders: Section B Privacy Impact Assessment Key Questions Question Response Ref to keyreq. e.g. IGTK, Small scale PIA etc 1. Will the
system/project/process (will now be referred to thereafter as ‘asset’) contain Personal Confidential Data or Sensitive Data? If answered ‘No’ you do not need to complete any further information as PIA is not required. No Patient Staff Other (specify) 2. Please state purpose for the collection of the data: for example, patient treatment, health administration, research, audit, staff administration 3. Does the asset involve new privacy–enhancing technologies? Encryption; 2 factor authentication, pseudonymisation Yes No If yes, please give details: SS PIA (1) 4. Please tick the data items that are held in the system Personal Sensitive Name Address Post Code Date of Birth GP Consultant Next of Kin Hospital (District) No. Sex NHS Number
National Insurance Number Treatment Dates Sex Diagnosis Religion Occupation Ethnic Origin Medical History Staff data (Pay, Union etc) Other (please state here): 5. Will the asset collect new personal data items which have not been collected before? Yes No If yes, please give details: SS PIA (5) 6. What checks have been made regarding the adequacy, relevance and necessity for the collection of personal and/or sensitive data for this asset? SS PIA (2 & 10) 7. Does the asset involve new or changed data collection policies that may be unclear or intrusive? Yes No SS PIA (9) 8. Is the third party contract/supplier of the system registered with the Information Commissioner? What is their notification number? Yes No Data Protection Act Notification Number: 9. Has the third party supplier completed an Information
Governance Toolkit Return? Yes No If yes, please give percentage score: 10. Does the third party/supplier contracts contain all the necessary Information Governance clauses including information about Data Protection and Freedom of Information? Yes No IG TK 110 11. Does the asset comply with privacy laws such as the Privacy and Electronic Communications Regulations 2003 (see appendix for definition) Yes No Privacy Law Check 12. Who provides the information for the asset? Patient Staff Others – Please specify e.g. Interfaces from PAS 13. Are you relying on individuals (patients/staff) to provide consent for the processing of personal identifiable or sensitive data? Yes No 14. If yes, how will that consent be obtained? Please state: 15. How will consent and non consent be recorded? 16. If consent is not the basis for processing which legal justification is being used? Court Order Public Interest Other (detail below)
17. Have the individuals been informed of and have given their consent to all the processing and disclosures? Yes (explicit) No Yes (implicit in leaflets, on website) IGTK 18. How will the information be kept up to date and checked for accuracy and completeness? 19. Who will have access to the information within the system? 20. Do you intend to send direct marketing messages by electronic means? This includes both live and pre-recorded telephone calls, fax, email, text message and picture (including video)? Yes No Privacy Check 21. If applicable, are there procedures in place for an individual’s request to prevent processing for purposes of direct marketing in place? Yes No Privacy Check 22. Is automated decision making used? If yes, how do you notify the individual? Yes No Privacy Check 23. Is there a useable audit trail in place for the asset. For example, to identify who has accessed a record? Yes No
IGTK 24. Have you assessed that the processing of Yes No personal/sensitive data will not cause any unwarranted damage or distress to the individuals concerned? What assessment has been carried out? 25. What procedures are in place for the rectifying/blocking of data by individual request or court order? 26. Does the asset involve new or changed data access or disclosure arrangements that may be unclear? Yes No SS PIA (12) 27. Does the asset involve changing the medium for disclosure for publicly available information in such a way that data become more readily accessible than before? (For example, from paper to electronic via the web?) Yes No SS PIA (14) 28. What are the retention periods (what is the minimum timescale) for this data? (please refer to the Records Management: NHS Code of Practice) SS PIA (13) 29. How will the data be destroyed when it is no longer required?
IGTK 30. Will the information be shared with any other establishments/ organisations/Trust’s? Yes No IGTK, PIA 4 31. Does the asset involve multiple organisations whether public or private sector? Include any external organisations. Also include how the data will be sent/accessed and secured. Yes No 32. Does the asset involve new linkage of personal data with data in other collections, or is Yes No SS PIA (8) there significant changes in data linkages? 33. Where will the information be kept/stored/accessed? On paper On a database saved on a network folder/drive Website On a dedicated system saved to the network Other – please state below: 34. Will any information be sent off site If ‘Yes’ where is this informed being sent Yes No IGTK 208 & 308
35. Please state by which method the information will be transported Fax Email Via NHS Mail Website Via courier By hand Via post – internal Via telephone Via post - external Other – please state below: IGTK 208 & 308 36. Are you transferring any personal and / or sensitive data to a country outside the European Economic Area (EEA)? If yes, where? Yes No IGTK 209 37. What is the data to be transferred to the non EEA country? IGTK 209 38. Are measures in place to mitigate risks and ensure an adequate level of security when the data is transferred to this country? Yes No Not applicable IGTK 209 39. Have you checked that the non EEA country has an adequate level of protection for data Yes No Not applicable IGTK 209
security? 40. Is there a Security Management Policy and Access Policy in place? Please state policy titles. Yes No SS PIA (11) 41. Has an information risk assessment been carried out and reported to the Information Asset Owner (IAO)? Where any risks highlighted – please provide details and how these will be mitigated? Was process approved by SIRO? Yes No Risk Ass 42. Is there a contingency plan / backup policy, or business continuity plan in place to manage the effect of an unforeseen event? Please provide a copy. Yes No Risk Ass 43. Are there procedures in place to recover data (both electronic /paper) which may be damaged through: Human error Computer virus Network failure Theft Fire Flood Other disaster Please provide policy titles. Yes No Risk Ass
Evaluation 44. Is the PIA approved? If not, please state the reasons why and the action plan put in Yes No place to ensure the PIA can be approved Form completed by: Name: Title: Signature: Date: Information Governance Group Approval Name: Title: Signature: Date: Appendix – Glossary of Terms Item Definition Personal Data
This means data which relates to a living individual which can be identified: A) from those data, or B) from those data and any other information which is in the possession of, or is likely to come into the possession of, the data controller. It also includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual Sensitive Data This means personal data consisting of information as to the: A) racial or ethnic group of the individual B) the political opinions of the individual C) the religious beliefs or other beliefs of a similar nature of the individual D) whether the individual is a member of a trade union E) physical or mental health of the individual F) sexual life of the individual G) the commission or alleged commission by the individual of any offence H) any proceedings for any offence committed or alleged to have been committed by the individual, the disposal of such proceedings or the sentence of any court in such proceedings Direct Marketing This is “junk mail” which is directed to particular individuals. The mail which are addressed to “the occupier” is not directed to an individual and is therefore not direct marketing. Direct marketing also includes all other means by which an individual may be contacted directly such as emails and text messages which you have asked to be sent to you. Direct marketing does not just refer to selling products or services to individuals, it also includes promoting particular views or campaigns such as those of a political party or charity. Automated Decision Making Automated decisions only arise if 2 requirements are met. First, the decision has to be taken using personal information solely
by automatic means. For example, if an individual applies for a personal loan online, the website uses algorithms and auto credit searching to provide an immediate yes / no decision. The second requirement is that the decision has to have a significant effect on the individual concerned. European Economic Area (EEA) The European Economic Area comprises of the EU member states plus Iceland, Liechtenstein and Norway Information Assets Information assets are records, information of any kind, data of any kind and any format which we use to support our roles and responsibilities. Examples of Information Assets are databases, systems, manual and electronic records, archived data, libraries, operations and support procedures, manual and training materials, contracts and agreements, business continuity plans, software and hardware. SIRO (Senior Information Risk Owner) This person is an executive who takes ownership of the organisation’s information risk policy and acts as advocate for information risk on the Board IAO (Information Asset Owner) These are senior individuals involved in running the relevant service/department. Their role is to understand and address risks to the information assets they ‘own’ and to provide assurance to the SIRO on the security and use of those assets. They are responsible for providing regular reports regarding information risks and incidents pertaining to the assets under their control/area. IAA (Information Asset Administrator) There are individuals who ensure that policies and procedures are followed, recognise actual or potential security incidents, consult their IAO on incident management and ensure that information asset registers are accurate and up to date. These roles tend to be system managers Implied consent
Implied consent is given when an individual takes some other action in the knowledge that in doing so he or she has incidentally agreed to a particular use or disclosure of information, for example, a patient who visits the hospital may be taken to imply consent to a consultant consulting his or her medical records in order to assist diagnosis. Patients must be informed about this and the purposes of disclosure and also have the right to object to the disclosure. Explicit consent Express or explicit consent is given by a patient agreeing actively, usually orally (which must be documented in the patients casenotes) or in writing, to a particular use of disclosure of information. Anonymity Information may be used more freely if the subject of the information is not identifiable in any way – this is anonymised data. However, even where such obvious identifiers are missing, rare diseases, drug treatments or statistical analyses which may have very small numbers within a small population may allow individuals to be identified. A combination of items increases the chances of patient identification. When anonymised data will serve the purpose, health professionals must anonymise data and whilst it is not necessary to seek consent, general information about when anonymised data will be used should be made available to patients. Pseudonymity This is also sometimes known as reversible anonymisation. Patient identifiers such as name, address, date of birth are substituted with a pseudonym, code or other unique reference so that the data will only be identifiable to those who have the code or reference. Information Risk An identified risk to any information asset that the Trust holds. Please see the Information Risk Policy for further information. Privacy Invasive Technologies
Examples of such technologies include, but are not limited to, smart cards, radio frequency identification (RFID) tags, biometrics, locator technologies (including mobile phone location, applications of global positioning systems (GPS) and intelligent transportation systems), visual surveillance, digital image and video recording, profiling, data mining and logging of electronic traffic. Technologies that are inherently intrusive, new and sound threatening are a concern and hence represent a risk Authentication Requirements An identifier enables organisations to collate data about an individual. There are increasingly onerous registration processes and document production requirements imposed to ensure the correct person can have, for example, the correct access to a system or have a smartcard. These are warning signs of potential privacy risks. Retention Periods Records are required to be kept for a certain period either because of statutory requirement or because they may be needed for administrative purposes during this time. If an organisation decides that it needs to keep records longer than the recommended minimum period, it can very the period accordingly and record the decision and the reasons behind. The retention period should be calculated from the beginning of the year after the last date on the record. Any decision to keep records longer than 30 years must obtain approval from The National Archives. Records Management: NHS Code of Practice Is a guide to the required standards of practice in the management of records for those who work within or under contract to NHS organisations in England. It is based on current legal requirements and professional best practice. The code of practice contains an annex with a health records retention schedule and a Business and Corporate (non-health) records retention schedule. Data Protection Act 1998
This Act defines the ways in which information about living people may be legally used and handled. The main intent is to protect individuals against misuse or abuse of information about them. The 8 principles of the Act state The fundamental principles of DPA 1998 specify that personal data must: be processed fairly and lawfully. be obtained only for lawful purposes and not processed in any manner incompatible with those purposes. be adequate, relevant and not excessive. be accurate and current. not be retained for longer than necessary. be processed in accordance with the rights and freedoms of data subjects. be protected against unauthorized or unlawful processing and against accidental loss, destruction or damage. not be transferred to a country or territory outside the European Economic Area unless that country or territory protects the rights and freedoms of the data subjects. Privacy and Electronic Communications Regulations 2003 These regulations apply to sending unsolicited marketing messages electronically such as telephone, fax, email and text. Unsolicited marketing material should only be sent if the requester has opted in to receive this information.
ITS 834 Emerging Threats Paper
ITS 834 Emerging Threats Paper

Recommended

Project Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxProject Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxstilliegeorgiana
 
IntroductionThis is an individual project. Each student must comp.docx
IntroductionThis is an individual project. Each student must comp.docxIntroductionThis is an individual project. Each student must comp.docx
IntroductionThis is an individual project. Each student must comp.docxmariuse18nolet
 
I need 10 pages of report and 10 slides PurposeThis course p
I need 10 pages of report and 10 slides PurposeThis course pI need 10 pages of report and 10 slides PurposeThis course p
I need 10 pages of report and 10 slides PurposeThis course pdoylymaura
 
Running Header 1APPLICATION DEVELOPMENT METHODS2.docx
Running Header 1APPLICATION DEVELOPMENT METHODS2.docxRunning Header 1APPLICATION DEVELOPMENT METHODS2.docx
Running Header 1APPLICATION DEVELOPMENT METHODS2.docxrtodd599
 
Running Header 1SYSTEM ARCHITECTURE2Unit .docx
Running Header 1SYSTEM ARCHITECTURE2Unit .docxRunning Header 1SYSTEM ARCHITECTURE2Unit .docx
Running Header 1SYSTEM ARCHITECTURE2Unit .docxrtodd599
 
Security Policy Document Project Objectives The purpose .docx
Security Policy Document Project Objectives The purpose .docxSecurity Policy Document Project Objectives The purpose .docx
Security Policy Document Project Objectives The purpose .docxkenjordan97598
 
Running Header 1SYSTEM ARCHITECTURE24Gr.docx
Running Header 1SYSTEM ARCHITECTURE24Gr.docxRunning Header 1SYSTEM ARCHITECTURE24Gr.docx
Running Header 1SYSTEM ARCHITECTURE24Gr.docxrtodd599
 
1. Statement of Course ObjectivesThe objective of the Directed.docx
1. Statement of Course ObjectivesThe objective of the Directed.docx1. Statement of Course ObjectivesThe objective of the Directed.docx
1. Statement of Course ObjectivesThe objective of the Directed.docxgasciognecaren
 

Recommended

Project Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxProject Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxstilliegeorgiana
 
IntroductionThis is an individual project. Each student must comp.docx
IntroductionThis is an individual project. Each student must comp.docxIntroductionThis is an individual project. Each student must comp.docx
IntroductionThis is an individual project. Each student must comp.docxmariuse18nolet
 
I need 10 pages of report and 10 slides PurposeThis course p
I need 10 pages of report and 10 slides PurposeThis course pI need 10 pages of report and 10 slides PurposeThis course p
I need 10 pages of report and 10 slides PurposeThis course pdoylymaura
 
Running Header 1APPLICATION DEVELOPMENT METHODS2.docx
Running Header 1APPLICATION DEVELOPMENT METHODS2.docxRunning Header 1APPLICATION DEVELOPMENT METHODS2.docx
Running Header 1APPLICATION DEVELOPMENT METHODS2.docxrtodd599
 
Running Header 1SYSTEM ARCHITECTURE2Unit .docx
Running Header 1SYSTEM ARCHITECTURE2Unit .docxRunning Header 1SYSTEM ARCHITECTURE2Unit .docx
Running Header 1SYSTEM ARCHITECTURE2Unit .docxrtodd599
 
Security Policy Document Project Objectives The purpose .docx
Security Policy Document Project Objectives The purpose .docxSecurity Policy Document Project Objectives The purpose .docx
Security Policy Document Project Objectives The purpose .docxkenjordan97598
 
Running Header 1SYSTEM ARCHITECTURE24Gr.docx
Running Header 1SYSTEM ARCHITECTURE24Gr.docxRunning Header 1SYSTEM ARCHITECTURE24Gr.docx
Running Header 1SYSTEM ARCHITECTURE24Gr.docxrtodd599
 
1. Statement of Course ObjectivesThe objective of the Directed.docx
1. Statement of Course ObjectivesThe objective of the Directed.docx1. Statement of Course ObjectivesThe objective of the Directed.docx
1. Statement of Course ObjectivesThe objective of the Directed.docxgasciognecaren
 
Security Policy Document Project Objectives The purpos.docx
Security Policy Document Project Objectives The purpos.docxSecurity Policy Document Project Objectives The purpos.docx
Security Policy Document Project Objectives The purpos.docxkenjordan97598
 
Why do the Projects fail
Why do the Projects failWhy do the Projects fail
Why do the Projects failSwapanK
 
PurposeThis course project is intended to assess your abilit
PurposeThis course project is intended to assess your abilitPurposeThis course project is intended to assess your abilit
PurposeThis course project is intended to assess your abilitTakishaPeck109
 
Page 1 of 6 [1514] COM7005 Information S.docx
Page 1 of 6 [1514] COM7005 Information S.docxPage 1 of 6 [1514] COM7005 Information S.docx
Page 1 of 6 [1514] COM7005 Information S.docxkarlhennesey
 
Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Robin Anderson
 
Project Access Control ProposalPurposeThis course project i
Project Access Control ProposalPurposeThis course project iProject Access Control ProposalPurposeThis course project i
Project Access Control ProposalPurposeThis course project idavieec5f
 
TaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxTaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxbradburgess22840
 
TaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxTaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxdeanmtaylor1545
 
Information Governance Checklist and Privacy Impact Ass.docx
Information Governance Checklist and Privacy Impact Ass.docxInformation Governance Checklist and Privacy Impact Ass.docx
Information Governance Checklist and Privacy Impact Ass.docxcarliotwaycave
 
Info-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationInfo-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationHilary Carney Badoian
 
Impact assessment of factors affecting information technology projects in riv...
Impact assessment of factors affecting information technology projects in riv...Impact assessment of factors affecting information technology projects in riv...
Impact assessment of factors affecting information technology projects in riv...eSAT Publishing House
 
Examples Of Military Leadership
Examples Of Military LeadershipExamples Of Military Leadership
Examples Of Military LeadershipJenny Mancini
 
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxCSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxmydrynan
 
Agile Presentation Standing Committee on Gov't Operations Oct 17
Agile Presentation Standing Committee on Gov't Operations Oct 17Agile Presentation Standing Committee on Gov't Operations Oct 17
Agile Presentation Standing Committee on Gov't Operations Oct 17Dan Murphy, PMP, CSPO, CSM
 
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018Association for Project Management
 
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...Jeff Nelson
 
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docxTerm Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docxmanningchassidy
 
Assignment Objectives for Unit 5Influence ProcessesYou have.docx
Assignment Objectives for Unit 5Influence ProcessesYou have.docxAssignment Objectives for Unit 5Influence ProcessesYou have.docx
Assignment Objectives for Unit 5Influence ProcessesYou have.docxhoward4little59962
 
The tasks You are assumed to be one of the software consultants .docx
The tasks You are assumed to be one of the software consultants .docxThe tasks You are assumed to be one of the software consultants .docx
The tasks You are assumed to be one of the software consultants .docxsarah98765
 
Running head Residency DRP Research Paper OutlineResidency DR.docx
Running head Residency DRP Research Paper OutlineResidency DR.docxRunning head Residency DRP Research Paper OutlineResidency DR.docx
Running head Residency DRP Research Paper OutlineResidency DR.docxtodd521
 
1000 words, 2 referencesBegin conducting research now on your .docx
1000 words, 2 referencesBegin conducting research now on your .docx1000 words, 2 referencesBegin conducting research now on your .docx
1000 words, 2 referencesBegin conducting research now on your .docxvrickens
 
1000 words only due by 5314 at 1200 estthis is a second part to.docx
1000 words only due by 5314 at 1200 estthis is a second part to.docx1000 words only due by 5314 at 1200 estthis is a second part to.docx
1000 words only due by 5314 at 1200 estthis is a second part to.docxvrickens
 

More Related Content

Similar to ITS 834 Emerging Threats Paper

Security Policy Document Project Objectives The purpos.docx
Security Policy Document Project Objectives The purpos.docxSecurity Policy Document Project Objectives The purpos.docx
Security Policy Document Project Objectives The purpos.docxkenjordan97598
 
Why do the Projects fail
Why do the Projects failWhy do the Projects fail
Why do the Projects failSwapanK
 
PurposeThis course project is intended to assess your abilit
PurposeThis course project is intended to assess your abilitPurposeThis course project is intended to assess your abilit
PurposeThis course project is intended to assess your abilitTakishaPeck109
 
Page 1 of 6 [1514] COM7005 Information S.docx
Page 1 of 6 [1514] COM7005 Information S.docxPage 1 of 6 [1514] COM7005 Information S.docx
Page 1 of 6 [1514] COM7005 Information S.docxkarlhennesey
 
Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Robin Anderson
 
Project Access Control ProposalPurposeThis course project i
Project Access Control ProposalPurposeThis course project iProject Access Control ProposalPurposeThis course project i
Project Access Control ProposalPurposeThis course project idavieec5f
 
TaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxTaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxbradburgess22840
 
TaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxTaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxdeanmtaylor1545
 
Information Governance Checklist and Privacy Impact Ass.docx
Information Governance Checklist and Privacy Impact Ass.docxInformation Governance Checklist and Privacy Impact Ass.docx
Information Governance Checklist and Privacy Impact Ass.docxcarliotwaycave
 
Info-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationInfo-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationHilary Carney Badoian
 
Impact assessment of factors affecting information technology projects in riv...
Impact assessment of factors affecting information technology projects in riv...Impact assessment of factors affecting information technology projects in riv...
Impact assessment of factors affecting information technology projects in riv...eSAT Publishing House
 
Examples Of Military Leadership
Examples Of Military LeadershipExamples Of Military Leadership
Examples Of Military LeadershipJenny Mancini
 
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxCSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxmydrynan
 
Agile Presentation Standing Committee on Gov't Operations Oct 17
Agile Presentation Standing Committee on Gov't Operations Oct 17Agile Presentation Standing Committee on Gov't Operations Oct 17
Agile Presentation Standing Committee on Gov't Operations Oct 17Dan Murphy, PMP, CSPO, CSM
 
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018Association for Project Management
 
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...Jeff Nelson
 
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docxTerm Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docxmanningchassidy
 
Assignment Objectives for Unit 5Influence ProcessesYou have.docx
Assignment Objectives for Unit 5Influence ProcessesYou have.docxAssignment Objectives for Unit 5Influence ProcessesYou have.docx
Assignment Objectives for Unit 5Influence ProcessesYou have.docxhoward4little59962
 
The tasks You are assumed to be one of the software consultants .docx
The tasks You are assumed to be one of the software consultants .docxThe tasks You are assumed to be one of the software consultants .docx
The tasks You are assumed to be one of the software consultants .docxsarah98765
 
Running head Residency DRP Research Paper OutlineResidency DR.docx
Running head Residency DRP Research Paper OutlineResidency DR.docxRunning head Residency DRP Research Paper OutlineResidency DR.docx
Running head Residency DRP Research Paper OutlineResidency DR.docxtodd521
 

Similar to ITS 834 Emerging Threats Paper (20)

Security Policy Document Project Objectives The purpos.docx
Security Policy Document Project Objectives The purpos.docxSecurity Policy Document Project Objectives The purpos.docx
Security Policy Document Project Objectives The purpos.docx
 
Why do the Projects fail
Why do the Projects failWhy do the Projects fail
Why do the Projects fail
 
PurposeThis course project is intended to assess your abilit
PurposeThis course project is intended to assess your abilitPurposeThis course project is intended to assess your abilit
PurposeThis course project is intended to assess your abilit
 
Page 1 of 6 [1514] COM7005 Information S.docx
Page 1 of 6 [1514] COM7005 Information S.docxPage 1 of 6 [1514] COM7005 Information S.docx
Page 1 of 6 [1514] COM7005 Information S.docx
 
Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...Innovative Technologies And Software For Higher Education...
Innovative Technologies And Software For Higher Education...
 
Project Access Control ProposalPurposeThis course project i
Project Access Control ProposalPurposeThis course project iProject Access Control ProposalPurposeThis course project i
Project Access Control ProposalPurposeThis course project i
 
TaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxTaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docx
 
TaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docxTaskYou are required to prepare for this Assessment Item by1..docx
TaskYou are required to prepare for this Assessment Item by1..docx
 
Information Governance Checklist and Privacy Impact Ass.docx
Information Governance Checklist and Privacy Impact Ass.docxInformation Governance Checklist and Privacy Impact Ass.docx
Information Governance Checklist and Privacy Impact Ass.docx
 
Info-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationInfo-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop Presentation
 
Impact assessment of factors affecting information technology projects in riv...
Impact assessment of factors affecting information technology projects in riv...Impact assessment of factors affecting information technology projects in riv...
Impact assessment of factors affecting information technology projects in riv...
 
Examples Of Military Leadership
Examples Of Military LeadershipExamples Of Military Leadership
Examples Of Military Leadership
 
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxCSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docx
 
Agile Presentation Standing Committee on Gov't Operations Oct 17
Agile Presentation Standing Committee on Gov't Operations Oct 17Agile Presentation Standing Committee on Gov't Operations Oct 17
Agile Presentation Standing Committee on Gov't Operations Oct 17
 
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
Adam Suchley - Predictive Delivery Assurance - APM Assurance SIG Conference 2018
 
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
Agile Project Management A Systematic Literature Review Of Adoption Drivers ...
 
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docxTerm Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
Term Paper Managing an IT Infrastructure AuditDue Week 10 a.docx
 
Assignment Objectives for Unit 5Influence ProcessesYou have.docx
Assignment Objectives for Unit 5Influence ProcessesYou have.docxAssignment Objectives for Unit 5Influence ProcessesYou have.docx
Assignment Objectives for Unit 5Influence ProcessesYou have.docx
 
The tasks You are assumed to be one of the software consultants .docx
The tasks You are assumed to be one of the software consultants .docxThe tasks You are assumed to be one of the software consultants .docx
The tasks You are assumed to be one of the software consultants .docx
 
Running head Residency DRP Research Paper OutlineResidency DR.docx
Running head Residency DRP Research Paper OutlineResidency DR.docxRunning head Residency DRP Research Paper OutlineResidency DR.docx
Running head Residency DRP Research Paper OutlineResidency DR.docx
 

More from vrickens

1000 words, 2 referencesBegin conducting research now on your .docx
1000 words, 2 referencesBegin conducting research now on your .docx1000 words, 2 referencesBegin conducting research now on your .docx
1000 words, 2 referencesBegin conducting research now on your .docxvrickens
 
1000 words only due by 5314 at 1200 estthis is a second part to.docx
1000 words only due by 5314 at 1200 estthis is a second part to.docx1000 words only due by 5314 at 1200 estthis is a second part to.docx
1000 words only due by 5314 at 1200 estthis is a second part to.docxvrickens
 
1000 words with refernceBased on the American constitution,” wh.docx
1000 words with refernceBased on the American constitution,” wh.docx1000 words with refernceBased on the American constitution,” wh.docx
1000 words with refernceBased on the American constitution,” wh.docxvrickens
 
10.1. In a t test for a single sample, the samples mean.docx
10.1. In a t test for a single sample, the samples mean.docx10.1. In a t test for a single sample, the samples mean.docx
10.1. In a t test for a single sample, the samples mean.docxvrickens
 
100 WORDS OR MOREConsider your past experiences either as a studen.docx
100 WORDS OR MOREConsider your past experiences either as a studen.docx100 WORDS OR MOREConsider your past experiences either as a studen.docx
100 WORDS OR MOREConsider your past experiences either as a studen.docxvrickens
 
1000 to 2000 words Research Title VII of the Civil Rights Act of.docx
1000 to 2000 words Research Title VII of the Civil Rights Act of.docx1000 to 2000 words Research Title VII of the Civil Rights Act of.docx
1000 to 2000 words Research Title VII of the Civil Rights Act of.docxvrickens
 
1000 word essay MlA Format.. What is our personal responsibility tow.docx
1000 word essay MlA Format.. What is our personal responsibility tow.docx1000 word essay MlA Format.. What is our personal responsibility tow.docx
1000 word essay MlA Format.. What is our personal responsibility tow.docxvrickens
 
100 wordsGoods and services that are not sold in markets.docx
100 wordsGoods and services that are not sold in markets.docx100 wordsGoods and services that are not sold in markets.docx
100 wordsGoods and services that are not sold in markets.docxvrickens
 
100 word responseChicago style citingLink to textbook httpbo.docx
100 word responseChicago style citingLink to textbook httpbo.docx100 word responseChicago style citingLink to textbook httpbo.docx
100 word responseChicago style citingLink to textbook httpbo.docxvrickens
 
100 word response to the followingBoth perspectives that we rea.docx
100 word response to the followingBoth perspectives that we rea.docx100 word response to the followingBoth perspectives that we rea.docx
100 word response to the followingBoth perspectives that we rea.docxvrickens
 
100 word response to the followingThe point that Penetito is tr.docx
100 word response to the followingThe point that Penetito is tr.docx100 word response to the followingThe point that Penetito is tr.docx
100 word response to the followingThe point that Penetito is tr.docxvrickens
 
100 word response to the folowingMust use Chicago style citing an.docx
100 word response to the folowingMust use Chicago style citing an.docx100 word response to the folowingMust use Chicago style citing an.docx
100 word response to the folowingMust use Chicago style citing an.docxvrickens
 
100 word response using textbook Getlein, Mark. Living with Art, 9t.docx
100 word response using textbook Getlein, Mark. Living with Art, 9t.docx100 word response using textbook Getlein, Mark. Living with Art, 9t.docx
100 word response using textbook Getlein, Mark. Living with Art, 9t.docxvrickens
 
100 word response to the following. Must cite properly in MLA.Un.docx
100 word response to the following. Must cite properly in MLA.Un.docx100 word response to the following. Must cite properly in MLA.Un.docx
100 word response to the following. Must cite properly in MLA.Un.docxvrickens
 
100 original, rubric, word count and required readings must be incl.docx
100 original, rubric, word count and required readings must be incl.docx100 original, rubric, word count and required readings must be incl.docx
100 original, rubric, word count and required readings must be incl.docxvrickens
 
100 or more wordsFor this Discussion imagine that you are speaki.docx
100 or more wordsFor this Discussion imagine that you are speaki.docx100 or more wordsFor this Discussion imagine that you are speaki.docx
100 or more wordsFor this Discussion imagine that you are speaki.docxvrickens
 
10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx
10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx
10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docxvrickens
 
10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx
10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx
10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docxvrickens
 
10-12 page paer onDiscuss the advantages and problems with trailer.docx
10-12 page paer onDiscuss the advantages and problems with trailer.docx10-12 page paer onDiscuss the advantages and problems with trailer.docx
10-12 page paer onDiscuss the advantages and problems with trailer.docxvrickens
 
10. Assume that you are responsible for decontaminating materials in.docx
10. Assume that you are responsible for decontaminating materials in.docx10. Assume that you are responsible for decontaminating materials in.docx
10. Assume that you are responsible for decontaminating materials in.docxvrickens
 

More from vrickens (20)

1000 words, 2 referencesBegin conducting research now on your .docx
1000 words, 2 referencesBegin conducting research now on your .docx1000 words, 2 referencesBegin conducting research now on your .docx
1000 words, 2 referencesBegin conducting research now on your .docx
 
1000 words only due by 5314 at 1200 estthis is a second part to.docx
1000 words only due by 5314 at 1200 estthis is a second part to.docx1000 words only due by 5314 at 1200 estthis is a second part to.docx
1000 words only due by 5314 at 1200 estthis is a second part to.docx
 
1000 words with refernceBased on the American constitution,” wh.docx
1000 words with refernceBased on the American constitution,” wh.docx1000 words with refernceBased on the American constitution,” wh.docx
1000 words with refernceBased on the American constitution,” wh.docx
 
10.1. In a t test for a single sample, the samples mean.docx
10.1. In a t test for a single sample, the samples mean.docx10.1. In a t test for a single sample, the samples mean.docx
10.1. In a t test for a single sample, the samples mean.docx
 
100 WORDS OR MOREConsider your past experiences either as a studen.docx
100 WORDS OR MOREConsider your past experiences either as a studen.docx100 WORDS OR MOREConsider your past experiences either as a studen.docx
100 WORDS OR MOREConsider your past experiences either as a studen.docx
 
1000 to 2000 words Research Title VII of the Civil Rights Act of.docx
1000 to 2000 words Research Title VII of the Civil Rights Act of.docx1000 to 2000 words Research Title VII of the Civil Rights Act of.docx
1000 to 2000 words Research Title VII of the Civil Rights Act of.docx
 
1000 word essay MlA Format.. What is our personal responsibility tow.docx
1000 word essay MlA Format.. What is our personal responsibility tow.docx1000 word essay MlA Format.. What is our personal responsibility tow.docx
1000 word essay MlA Format.. What is our personal responsibility tow.docx
 
100 wordsGoods and services that are not sold in markets.docx
100 wordsGoods and services that are not sold in markets.docx100 wordsGoods and services that are not sold in markets.docx
100 wordsGoods and services that are not sold in markets.docx
 
100 word responseChicago style citingLink to textbook httpbo.docx
100 word responseChicago style citingLink to textbook httpbo.docx100 word responseChicago style citingLink to textbook httpbo.docx
100 word responseChicago style citingLink to textbook httpbo.docx
 
100 word response to the followingBoth perspectives that we rea.docx
100 word response to the followingBoth perspectives that we rea.docx100 word response to the followingBoth perspectives that we rea.docx
100 word response to the followingBoth perspectives that we rea.docx
 
100 word response to the followingThe point that Penetito is tr.docx
100 word response to the followingThe point that Penetito is tr.docx100 word response to the followingThe point that Penetito is tr.docx
100 word response to the followingThe point that Penetito is tr.docx
 
100 word response to the folowingMust use Chicago style citing an.docx
100 word response to the folowingMust use Chicago style citing an.docx100 word response to the folowingMust use Chicago style citing an.docx
100 word response to the folowingMust use Chicago style citing an.docx
 
100 word response using textbook Getlein, Mark. Living with Art, 9t.docx
100 word response using textbook Getlein, Mark. Living with Art, 9t.docx100 word response using textbook Getlein, Mark. Living with Art, 9t.docx
100 word response using textbook Getlein, Mark. Living with Art, 9t.docx
 
100 word response to the following. Must cite properly in MLA.Un.docx
100 word response to the following. Must cite properly in MLA.Un.docx100 word response to the following. Must cite properly in MLA.Un.docx
100 word response to the following. Must cite properly in MLA.Un.docx
 
100 original, rubric, word count and required readings must be incl.docx
100 original, rubric, word count and required readings must be incl.docx100 original, rubric, word count and required readings must be incl.docx
100 original, rubric, word count and required readings must be incl.docx
 
100 or more wordsFor this Discussion imagine that you are speaki.docx
100 or more wordsFor this Discussion imagine that you are speaki.docx100 or more wordsFor this Discussion imagine that you are speaki.docx
100 or more wordsFor this Discussion imagine that you are speaki.docx
 
10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx
10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx
10. (TCOs 1 and 10) Apple, Inc. a cash basis S corporation in Or.docx
 
10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx
10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx
10-12 slides with Notes APA Style ReferecesThe prosecutor is getti.docx
 
10-12 page paer onDiscuss the advantages and problems with trailer.docx
10-12 page paer onDiscuss the advantages and problems with trailer.docx10-12 page paer onDiscuss the advantages and problems with trailer.docx
10-12 page paer onDiscuss the advantages and problems with trailer.docx
 
10. Assume that you are responsible for decontaminating materials in.docx
10. Assume that you are responsible for decontaminating materials in.docx10. Assume that you are responsible for decontaminating materials in.docx
10. Assume that you are responsible for decontaminating materials in.docx
 

Recently uploaded

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 

Recently uploaded (20)

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 

ITS 834 Emerging Threats Paper

  • 1. ITS 834 Emerging Threats and Countermeasures Total points - 100 Midterm Research Paper- The paper is due on end of day Monday July 29 Write a research paper on the topic Cyber warfare and its implications for the United States Your research paper should be minimally 10 pages (double spaced, Font - Georgia with font size 12). The research paper needs to refer to the following source · Kostyuk, N., and Zhukov., M., Y. (2019). Invisible Digital Front: Can Cyber Attacks Shape Battlefield Events? Journal of Conflict Resolution, 63(2)., 317-347. (pfd version of paper is uploaded to module 4 in d2l). · In addition you need to have at least 5 peer reviewed journal/book references The research needs to minimally discuss the following · The relevance of cyber warfare for the United States · What are some examples of possible cyber warfare scenarios where critical infrastructure could be affected · Emerging technologies that can be used for cyber warfare · What does Kostyuk and Zhukov (2019) address mainly in their paper? Do you agree with Kostyuk and Zhukov (2019) that cyber-attacks are ineffective as a tool of coercion in war. Ensure to explain why or why not. · Future implications of cyber warfare for the United States The bibliography should be included as a separate page and is not part of the 10 page requirement. Student assignments will be run through Safe Assignment. Please ensure to check the safe assignment result prior to submitting. You will have the chance to submit your assignment up to two times. So please submit earlier than the due date so you can check your safe assign score. If your safe assign score is more
  • 2. than 10 percent, you need to check your paper and make any needed updates and submit again. Text that are copied directly from outside sources without being in quotes is considered plagiarism. Please refer to the University’s academic integrity policy. If there is text in your paper from outside sources that are not referenced and in quotes, you will not receive a grade for the assignment and will be referred to the department. http://cumberland.smartcatalogiq.com/en/2017-2018/2017-2018- Undergraduate-Catalog/Academic-Affairs/Academic-Integrity- Policy The university of Cumberland library can be assessed at https://www.ucumberlands.edu/library The research paper should include the following components. · Title Page (Not part of the minimum 10 page requirement) · Abstract (quick overview in your own words of the entire content of your paper, limited to 200-350 words) · Introduction (1-2 pages, relevance of cyber warfare for the U.S, example, possible scenarios_ · Literature Review (2-4 pages, describes the research papers that you find in reference to the topic of cyber warfare, emerging technologies that can be used, the impact of cyber warfare) · Discussion (2-3 pages) – (Your perspective on the topic of cyber warfare, implications for the U.S, critical perspectives and/or recommendations) · Conclusion (1-2 paragraphs, This provides a final summary of your research paper) · Bibliography in APA format The following rubric will be used to grade your assessment Evaluation Parameters Percentage Weight Did the student respond to the research topic 20 Did the student conduct sufficient literature review of the topic
  • 3. 20 Did the student provide relevant examples to support viewpoints 20 Did the student meet the content requirements of the assignment and discuss the key points identified in the question 20 Did the student provide a critical perspective on the topic 10 Did the student create a professional, well-developed report with proper grammar, spelling, punctuation and APA formatting 10 Total 100% Please refer to the following for APA guidelines https://owl.purdue.edu/owl/research_and_citation/apa_style/apa _formatting_and_style_guide/general_format.html Information Governance Checklist and Privacy Impact Assessments Authorship: <Your name> – Information Governance Manager Committee Approved: Quality and Clinical Governance Committee Approved date:
  • 4. Review Date: Target Audience: All Staff Policy Reference No: Today’s date-sequence number i.e. 2019-07-08-00 Version Number: 0.1 Business Critical data Yes Business Critical System Yes 10 Contents Introduction 4 Responsibilities 4 Information Governance Checklist 4 Privacy Impact Assessment 5 ANNEX A - INFORMATION GOVERNANCE CHECKLIST 6 ANNEX B - Privacy Impact Assessment Proforma 7 Section A: New/Change of System/Project General Details 8 Section B Privacy Impact Assessment Key Questions 10 Evaluation 15 Appendix – Glossary of Terms 18 STANDARD AMENDMENTS Amendments to the Standard will be issued from time to time. A new amendment history will be issued with each change. New Version Number
  • 5. Issued by Nature of Amendment Approved by & Date Date on Intranet 0.1 <your name> First draft for comments NR Introduction The CCG needs to ensure that it remains compliant with legislation and NHS requirements such as the Information Governance Toolkit with its use of Personal Confidential Information. The Information Governance Checklist and Privacy Impact Assessments (PIA) have been developed to provide an
  • 6. assessment when new services are started or new information processing systems are introduced. Responsibilities Policy review and maintenance Information Governance, Security & Compliance Manager Approval CSU Executive Management Team Adoption All manager, staff and contractors Responsibility for ensuring that Information Governance Checklists and Privacy Impact Assessments are completed, where required, resides with all Service Managers and Directorate Heads. Line Managers are responsible for ensuring that their permanent and temporary staff and contractors are aware of the Information Governance Checklist and Privacy Impact Assessment process. On a day-to-day basis staff of all levels that are introducing a new system be it electronic or paper based, should use this document to ensure that processing remains compliant with current legislation. Information Governance Checklist The Information Governance Checklist provides short initial assessment which should be completed at an early stage of any project or service redesign to identify stakeholders, make an initial assessment of privacy risk and decide if a Privacy Impact Assessment is necessary as not all project or changes to services would require one. A copy of the IGC form can be found at Appendix A Privacy Impact Assessment A PIA is a process which helps assess privacy risks to individuals in the collection, use and disclosure of information.
  • 7. PIAs help identify privacy risks, foresee problems and bring forward solutions. A PIA is necessary to identify and manage risks; to avoid unnecessary costs; to avoid inadequate solutions to privacy risks; to avoid loss of trust and reputation; to inform the organisation’s communication strategy and to meet or exceed legal requirements. There is no statutory requirement for any organisation to complete a PIA, however, central government departments have been instructed to complete PIAs by the Cabinet Office. The overall PIA process is operated under the supervision of the Information Commissioners Office (ICO) who is responsible for the production of guidance materials. Is a PIA required for every project? Not every project will require a PIA. The ICO envisages PIAs being used only where a project is of such a wide scope, or will use personal information of such a nature, that there would be genuine risks to the privacy of the individual. PIAs will usually be recommended where a change of the law will be required, new and intrusive technology is being used, or where private or sensitive information which was originally collected for a limited purpose is going to be reused in a new and unexpected way. The IGC will help determine if a PIA is required and if so which of the two options will be suitable. Why should I do a PIA? To identify privacy risks to individuals; To identify privacy and Data Protection compliance liabilities; To protect the organisations reputation; To instil public trust and confidence in your project/product; To avoid expensive, inadequate “bolt- on” solutions; and To inform your communications strategy. Following completion of the IGC it may be decided that a PIA is going to be required. There are two types of PIA, a small scale and a full scale. Where it is thought that a PIA is needed the small scale form, located at Appendix B, will be used and submitted to the Information Governance Team who can assess the small scale form completed and advise on whether a full
  • 8. scale PIA needs to be completed. When should I start a PIA? PIAs are most effective when they are started at an early stage of a project, when: · the project is being designed; · you know what you want to do; · you know how you want to do it; and · you know who else is involved. But it must be completed before: · decisions are set in stone; · you have procured systems; · you have signed contracts/ MOUs/agreements; and · while you can still change your mind! ANNEX A - Information Governance Checklist Name of Project or Service Change Lead Project Manager Does project involve processing of Personal Confidential Data (PCD)? If yes how many records will be involved? What is the purpose of the processing? Which organisations and customers are involved? Give an indication of the timescale for the project? This IGC must be completed by all projects and significant changes to service at the start or early stage of a project. Please complete all questions with as much detail as possible and return the completed from to:<your name> Information Governance, Security & Compliance Manager
  • 9. <your email> ANNEX B - Privacy Impact Assessment Proforma This document must be completed for any new / or change in service which plans to utilise personal confidential information. It must be completed as soon as the new service / or change is identified by the Project Manager / System Manager or Information Asset Owner. This process is a mandated requirement on the Information Governance Toolkit to ensure that privacy concerns have been considered and actioned to ensure the security and confidentiality of the personal identifiable information. There are 2 types of Privacy Impact Assessments – a small scale and full scale. This proforma is based on the Small Scale PIA. Following completion of this proforma, it may be necessary to conduct a Full Scale PIA. Full details are available in the Information Commissioner’s handbook:- http://www.ico.org.uk/pia_handbook_html_v2/html/0- advice.html Privacy Law compliance checks and Data Protection Act compliance checks are part of the PIA process – the questions to assess this are included in the proforma. Please complete all questions with as much detail as possible and return the completed from to:<your name> Information Governance, Security & Compliance Manager <your email address> Further guidance on specific items can be found on the Information Commissioner’s website. <your email address> Use scenario to complete the belowSection A: New/Change of System/Project General Details Name: Objective:
  • 10. Background: Why is the new system / change in system required? Is there an approved business case? Benefits: Constraints: Relationships: (for example, with other Trust’s, organisations) Quality expectations: Cross reference to other projects: Project Manager: Name: Title: Department: Telephone: Email
  • 11. Information Asset Owner: (All systems/assets must have an Information Asset Owner (IAO). IAO’s are normally the Heads of Departments and report to the SIRO) Name: Title: Department: Telephone: Email Information Asset Administrator: (All systems / assets must have an Information Asset Administrator (IAA) who reports the IAO as stated above. IAA’s are normally System Managers / Project Leads) Name: Title: Department:
  • 12. Telephone: Email Deputy Information Asset Administrator: (It is necessary that there is a deputy in place for when the IAA is absent from the workplace for whatever reason) Name: Title: Department: Telephone: Email Customers and stakeholders: Section B Privacy Impact Assessment Key Questions Question Response Ref to keyreq. e.g. IGTK, Small scale PIA etc 1. Will the
  • 13. system/project/process (will now be referred to thereafter as ‘asset’) contain Personal Confidential Data or Sensitive Data? If answered ‘No’ you do not need to complete any further information as PIA is not required. No Patient Staff Other (specify) 2. Please state purpose for the collection of the data: for example, patient treatment, health administration, research, audit, staff administration 3. Does the asset involve new privacy–enhancing technologies? Encryption; 2 factor authentication, pseudonymisation Yes No If yes, please give details: SS PIA (1) 4. Please tick the data items that are held in the system Personal Sensitive Name Address Post Code Date of Birth GP Consultant Next of Kin Hospital (District) No. Sex NHS Number
  • 14. National Insurance Number Treatment Dates Sex Diagnosis Religion Occupation Ethnic Origin Medical History Staff data (Pay, Union etc) Other (please state here): 5. Will the asset collect new personal data items which have not been collected before? Yes No If yes, please give details: SS PIA (5) 6. What checks have been made regarding the adequacy, relevance and necessity for the collection of personal and/or sensitive data for this asset? SS PIA (2 & 10) 7. Does the asset involve new or changed data collection policies that may be unclear or intrusive? Yes No SS PIA (9) 8. Is the third party contract/supplier of the system registered with the Information Commissioner? What is their notification number? Yes No Data Protection Act Notification Number: 9. Has the third party supplier completed an Information
  • 15. Governance Toolkit Return? Yes No If yes, please give percentage score: 10. Does the third party/supplier contracts contain all the necessary Information Governance clauses including information about Data Protection and Freedom of Information? Yes No IG TK 110 11. Does the asset comply with privacy laws such as the Privacy and Electronic Communications Regulations 2003 (see appendix for definition) Yes No Privacy Law Check 12. Who provides the information for the asset? Patient Staff Others – Please specify e.g. Interfaces from PAS 13. Are you relying on individuals (patients/staff) to provide consent for the processing of personal identifiable or sensitive data? Yes No 14. If yes, how will that consent be obtained? Please state: 15. How will consent and non consent be recorded? 16. If consent is not the basis for processing which legal justification is being used? Court Order Public Interest Other (detail below)
  • 16. 17. Have the individuals been informed of and have given their consent to all the processing and disclosures? Yes (explicit) No Yes (implicit in leaflets, on website) IGTK 18. How will the information be kept up to date and checked for accuracy and completeness? 19. Who will have access to the information within the system? 20. Do you intend to send direct marketing messages by electronic means? This includes both live and pre-recorded telephone calls, fax, email, text message and picture (including video)? Yes No Privacy Check 21. If applicable, are there procedures in place for an individual’s request to prevent processing for purposes of direct marketing in place? Yes No Privacy Check 22. Is automated decision making used? If yes, how do you notify the individual? Yes No Privacy Check 23. Is there a useable audit trail in place for the asset. For example, to identify who has accessed a record? Yes No
  • 17. IGTK 24. Have you assessed that the processing of Yes No personal/sensitive data will not cause any unwarranted damage or distress to the individuals concerned? What assessment has been carried out? 25. What procedures are in place for the rectifying/blocking of data by individual request or court order? 26. Does the asset involve new or changed data access or disclosure arrangements that may be unclear? Yes No SS PIA (12) 27. Does the asset involve changing the medium for disclosure for publicly available information in such a way that data become more readily accessible than before? (For example, from paper to electronic via the web?) Yes No SS PIA (14) 28. What are the retention periods (what is the minimum timescale) for this data? (please refer to the Records Management: NHS Code of Practice) SS PIA (13) 29. How will the data be destroyed when it is no longer required?
  • 18. IGTK 30. Will the information be shared with any other establishments/ organisations/Trust’s? Yes No IGTK, PIA 4 31. Does the asset involve multiple organisations whether public or private sector? Include any external organisations. Also include how the data will be sent/accessed and secured. Yes No 32. Does the asset involve new linkage of personal data with data in other collections, or is Yes No SS PIA (8) there significant changes in data linkages? 33. Where will the information be kept/stored/accessed? On paper On a database saved on a network folder/drive Website On a dedicated system saved to the network Other – please state below: 34. Will any information be sent off site If ‘Yes’ where is this informed being sent Yes No IGTK 208 & 308
  • 19. 35. Please state by which method the information will be transported Fax Email Via NHS Mail Website Via courier By hand Via post – internal Via telephone Via post - external Other – please state below: IGTK 208 & 308 36. Are you transferring any personal and / or sensitive data to a country outside the European Economic Area (EEA)? If yes, where? Yes No IGTK 209 37. What is the data to be transferred to the non EEA country? IGTK 209 38. Are measures in place to mitigate risks and ensure an adequate level of security when the data is transferred to this country? Yes No Not applicable IGTK 209 39. Have you checked that the non EEA country has an adequate level of protection for data Yes No Not applicable IGTK 209
  • 20. security? 40. Is there a Security Management Policy and Access Policy in place? Please state policy titles. Yes No SS PIA (11) 41. Has an information risk assessment been carried out and reported to the Information Asset Owner (IAO)? Where any risks highlighted – please provide details and how these will be mitigated? Was process approved by SIRO? Yes No Risk Ass 42. Is there a contingency plan / backup policy, or business continuity plan in place to manage the effect of an unforeseen event? Please provide a copy. Yes No Risk Ass 43. Are there procedures in place to recover data (both electronic /paper) which may be damaged through: Human error Computer virus Network failure Theft Fire Flood Other disaster Please provide policy titles. Yes No Risk Ass
  • 21. Evaluation 44. Is the PIA approved? If not, please state the reasons why and the action plan put in Yes No place to ensure the PIA can be approved Form completed by: Name: Title: Signature: Date: Information Governance Group Approval Name: Title: Signature: Date: Appendix – Glossary of Terms Item Definition Personal Data
  • 22. This means data which relates to a living individual which can be identified: A) from those data, or B) from those data and any other information which is in the possession of, or is likely to come into the possession of, the data controller. It also includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual Sensitive Data This means personal data consisting of information as to the: A) racial or ethnic group of the individual B) the political opinions of the individual C) the religious beliefs or other beliefs of a similar nature of the individual D) whether the individual is a member of a trade union E) physical or mental health of the individual F) sexual life of the individual G) the commission or alleged commission by the individual of any offence H) any proceedings for any offence committed or alleged to have been committed by the individual, the disposal of such proceedings or the sentence of any court in such proceedings Direct Marketing This is “junk mail” which is directed to particular individuals. The mail which are addressed to “the occupier” is not directed to an individual and is therefore not direct marketing. Direct marketing also includes all other means by which an individual may be contacted directly such as emails and text messages which you have asked to be sent to you. Direct marketing does not just refer to selling products or services to individuals, it also includes promoting particular views or campaigns such as those of a political party or charity. Automated Decision Making Automated decisions only arise if 2 requirements are met. First, the decision has to be taken using personal information solely
  • 23. by automatic means. For example, if an individual applies for a personal loan online, the website uses algorithms and auto credit searching to provide an immediate yes / no decision. The second requirement is that the decision has to have a significant effect on the individual concerned. European Economic Area (EEA) The European Economic Area comprises of the EU member states plus Iceland, Liechtenstein and Norway Information Assets Information assets are records, information of any kind, data of any kind and any format which we use to support our roles and responsibilities. Examples of Information Assets are databases, systems, manual and electronic records, archived data, libraries, operations and support procedures, manual and training materials, contracts and agreements, business continuity plans, software and hardware. SIRO (Senior Information Risk Owner) This person is an executive who takes ownership of the organisation’s information risk policy and acts as advocate for information risk on the Board IAO (Information Asset Owner) These are senior individuals involved in running the relevant service/department. Their role is to understand and address risks to the information assets they ‘own’ and to provide assurance to the SIRO on the security and use of those assets. They are responsible for providing regular reports regarding information risks and incidents pertaining to the assets under their control/area. IAA (Information Asset Administrator) There are individuals who ensure that policies and procedures are followed, recognise actual or potential security incidents, consult their IAO on incident management and ensure that information asset registers are accurate and up to date. These roles tend to be system managers Implied consent
  • 24. Implied consent is given when an individual takes some other action in the knowledge that in doing so he or she has incidentally agreed to a particular use or disclosure of information, for example, a patient who visits the hospital may be taken to imply consent to a consultant consulting his or her medical records in order to assist diagnosis. Patients must be informed about this and the purposes of disclosure and also have the right to object to the disclosure. Explicit consent Express or explicit consent is given by a patient agreeing actively, usually orally (which must be documented in the patients casenotes) or in writing, to a particular use of disclosure of information. Anonymity Information may be used more freely if the subject of the information is not identifiable in any way – this is anonymised data. However, even where such obvious identifiers are missing, rare diseases, drug treatments or statistical analyses which may have very small numbers within a small population may allow individuals to be identified. A combination of items increases the chances of patient identification. When anonymised data will serve the purpose, health professionals must anonymise data and whilst it is not necessary to seek consent, general information about when anonymised data will be used should be made available to patients. Pseudonymity This is also sometimes known as reversible anonymisation. Patient identifiers such as name, address, date of birth are substituted with a pseudonym, code or other unique reference so that the data will only be identifiable to those who have the code or reference. Information Risk An identified risk to any information asset that the Trust holds. Please see the Information Risk Policy for further information. Privacy Invasive Technologies
  • 25. Examples of such technologies include, but are not limited to, smart cards, radio frequency identification (RFID) tags, biometrics, locator technologies (including mobile phone location, applications of global positioning systems (GPS) and intelligent transportation systems), visual surveillance, digital image and video recording, profiling, data mining and logging of electronic traffic. Technologies that are inherently intrusive, new and sound threatening are a concern and hence represent a risk Authentication Requirements An identifier enables organisations to collate data about an individual. There are increasingly onerous registration processes and document production requirements imposed to ensure the correct person can have, for example, the correct access to a system or have a smartcard. These are warning signs of potential privacy risks. Retention Periods Records are required to be kept for a certain period either because of statutory requirement or because they may be needed for administrative purposes during this time. If an organisation decides that it needs to keep records longer than the recommended minimum period, it can very the period accordingly and record the decision and the reasons behind. The retention period should be calculated from the beginning of the year after the last date on the record. Any decision to keep records longer than 30 years must obtain approval from The National Archives. Records Management: NHS Code of Practice Is a guide to the required standards of practice in the management of records for those who work within or under contract to NHS organisations in England. It is based on current legal requirements and professional best practice. The code of practice contains an annex with a health records retention schedule and a Business and Corporate (non-health) records retention schedule. Data Protection Act 1998
  • 26. This Act defines the ways in which information about living people may be legally used and handled. The main intent is to protect individuals against misuse or abuse of information about them. The 8 principles of the Act state The fundamental principles of DPA 1998 specify that personal data must: be processed fairly and lawfully. be obtained only for lawful purposes and not processed in any manner incompatible with those purposes. be adequate, relevant and not excessive. be accurate and current. not be retained for longer than necessary. be processed in accordance with the rights and freedoms of data subjects. be protected against unauthorized or unlawful processing and against accidental loss, destruction or damage. not be transferred to a country or territory outside the European Economic Area unless that country or territory protects the rights and freedoms of the data subjects. Privacy and Electronic Communications Regulations 2003 These regulations apply to sending unsolicited marketing messages electronically such as telephone, fax, email and text. Unsolicited marketing material should only be sent if the requester has opted in to receive this information.