Unit 2 - Global Information
- Created by: danny.revill21
- Created on: 08-05-17 11:25
Information Formats
2 Main Types Of Websites
- Static
- Dynamic
A static site is one that is usually written in plain HTML and what is in the code of the page is what is displayed to the user. (spiderwriting.co.uk)
A dynamic site is one that is written using a server-side scripting language such as PHP, ASP, JSP, or Coldfusion. In such a site the content is called in by the scripting language from other files or from a database depending on actions taken by the user. (spiderwriting.co.uk)
Advantages of using a Dynamic Website
- By connecting them to databases you can easily pull in information in an organised and structured way to create product pages or categories of related products sorted in a variety of different ways depending on how the user wants to view them. (spiderwriting.co.uk)
- This ability to connect to a database means that you can also create a content managment system an interface which allows the client to input and manage data via a web-based series of administration pages.(spiderwriting.co.uk)
- There are little or no ongoing costs unless there is a change in the basic design or an extra capability added. (spiderwriting.co.uk)
Principles of Information Security
CIA = Confidentiality, Integrity, Availability
Issues when anonymsing data
Hightened risk of breaching the individual's rights to privacy
LO2 - 2.1 Information Styles and their uses
text (different character sets, e.g. Western, Cyrillic, Arabic, etc.)
graphic (e.g. logo, photograph, diagram)
video (e.g. instructions on how to carry out asoftware update, live broadcast of a music festival)
animated graphic (e.g. pop-up book character,operation of the human heart)
audio (e.g. spoken instructions, music track)
numerical (e.g. profit, date and time)
braille text (e.g. written report printed on a Brailleprinter)
tactile images (e.g. NASA's Hubble SpaceTelescope images converted into tactile images forpeople who cannot explore the images by sight)
subtitles (e.g. translated speech for a film in aforeign language)
boolean (e.g. yes or no answer on a form)
tables and spreadsheets (e.g. simple databasetables and spreadsheets)
charts and graphs (e.g. identifying trends, makingcomparisons
LO2 - 2.2 Information Classification
sensitive
non-sensitive
private
public
personal
business
confidential
classified
partially anonymised
completely anonymised
impacts on different stakeholders
LO2 - 2.3 Quality of Information
• characteristics (e.g. valid, bias, reliable, comparable)
• importance of good quality information to stakeholders (e.g. innovation, agility, improved strategic decision making and focus)
• consequences of poor quality information on stakeholders (e.g. misinformation, reputational damage)
LO2 - 2.4 Information management
collecting, storing and retrieving (e.g. adding a new member to a cycling club membership database)
manipulating and processing (e.g. producing a graph from a table of data)
analysing (e.g. looking for patterns in annual rainfall in an area)
securing (e.g. storing patient records on an encrypted hard drive)
transmitting (e.g. posting a printed school report to a parent)
impact on individuals and organisations (e.g. additional costs associated with keeping sensitive information secure)
LO3 - 3.1 Data versus Information
data-raw, unorganised facts that need to be processed, information-data which is processed, organised and structured into a meaningful context.
LO3 - 3.2 Categories of information used by indivi
communication (e.g. to send an email to a relation living overseas)
education and training (e.g. by a student to check their current grades on a hand written feedback sheet from their teacher)
entertainment (e.g. to read a film review in a magazine)
planning (e.g. to use a shared electronic diary to arrange meeting dates)
financial (e.g. to use a bank statement to help plan saving for a holiday)
research (e.g. to look up a recipe online)
location dependent (e.g. to search for emergency dental care when on holiday)
benefits and limitations
LO3 - 3.3 Categories of information used by organi
create an accurate model of key markets)
management information systems (MIS) (e.g. to monitor staff training in a hospital; the location and contact details of each charity worker in a disaster area; personnel record of all staff)
marketing, promotion and sales (e.g. to identify patterns or trends in sales figures)
financial analysis and modelling (e.g. to determinethe top selling products; cash flow each week over a year)
contact management (e.g. to keep track ofappointments at a doctor’s surgery)
decision making (e.g. to decide the number of tentsto be sent to a disaster area by a charity; thepercentage of faulty items made each month by amanufacturer)
internal and external communication (e.g. to informall staff of office closures over the Christmasperiod)
big data, i.e.:
oany data that is either too large or too complexfor traditional data analysis techniques to beused, e.g. the annual web clicks of a majoronline retailer, health data on the population ofan entire country
benefits and limitations
LO3 - 3.4 Stages of data analysis
identify the need (e.g. what information is needed?what do we want to find out?)
define scope (e.g. content, detail, timescales,constraints)
identify potential sources (e.g. sales figures,customer surveys)
source and select information (e.g. determineaccuracy and reliability of sources, selecting thebest)
select the most appropriate tools (e.g. charts,graphs, regression, trend analysis)
process and analyse data (e.g. set up a spreadsheet to produce a graph)
record and store information (e.g. write a report based on the results of the processing)
share results (e.g. send the report to stakeholders)
LO3 - 3.5 Data Analysis tools
data tables (e.g. a database table of patients)
visualisation of data (e.g. a pie chart showing sales of five leading trainers)
trend and pattern identification (e.g. a line graph of last year’s sales per month)
data cleaning (e.g. removing customers who have not made a purchase in the last two years)
geographic information system/location mapping (e.g. tracking the movement of shipping containers around the world)
LO3 - 3.6 Information system structure
- open systems
- closed systems
- characteristics
- benefits and limitations
LO4 - 4.1 UK Legalistion and regulation relating t
- Current UK legislation and regulation
Data Protection Act (DPA) 1998
Regulation of Investigatory Powers Act (RIPA) 2000
Protection of Freedoms Act 2012
Privacy and Electronic Communications
Regulations 2003 (amended 2011)
Freedom of Information Act 2000
Computer Misuse Act 1990
Information Commissioner’s Office (ICO) codes of practice
Copyright, Designs and Patents Act 1988
Equality Act (EQA) 2011
LO4 - 4.2 Global information protection legislatio
regulation relating to data protection outside the UK (e.g. USA, France, Far East and Africa)
comparison between data protection legislation and regulation in different countries (e.g. similar legislation in many countries, but not all)
UN Convention on the Rights of Persons with Disabilities (UNCRPD):
LO4 4.3 Green IT
global requirements on organisations and individuals
United Nations Climate Change Summits
UK Government policy (e.g. Greening Government ICT Strategy (2011))
reducing carbon footprint
purpose (e.g. sustainability)
benefits (e.g. enhanced brand image, reduced energy costs)
LO5 - 5.1 Information sources and data types
internal source (e.g. internal financial reports, market analysis)
external source (e.g. supplier price lists, financial report from a third party)
primary data (e.g. reports direct from employees, foot measurements taken in a shoe shop)
secondary data (e.g. survey results received from a market research organisation, interest rate charged on a loan from a bank)
qualitative data (e.g. the colour of products, the names of employees)
quantitative data (e.g. expiry date of medicines, the number of staff working in an organisation)
purpose
LO5 - 5.2 Data flow diagrams
external entities
processes
data stores
data flows
standard symbols used
connectivity rules for drawing Level 1 DFDs
at least one input or output for each external
entity
data flows only in one direction
every data flow is labelled
every data flow connects to at least one process
at least one input data flow and/or at least one output data flow for each process
• impacts affecting the flow of information in information systems
LO6 - 6.1 Principles of information security
confidentiality – information can only be accessed by individuals, groups or processes authorised to do so
integrity – information is maintained, so that it is up to date, accurate, complete and fit for purpose
availability – information is always available to and usable by the individuals, groups or processes that need to use it
LO2 - 6.2 Risks
unauthorised or unintended access to data (e.g. espionage, poor information security policy)
accidental loss of data (e.g. human error, equipment failure)
intentional destruction of data (e.g. computer virus, targeted malicious attack)
intentional tampering with data (e.g. fraudulent activity, hacking)
LO3 - 6.3 Impacts
loss of intellectual property
loss of service and access
failure in security of confidential information
loss of information belonging to a third party
loss of reputation
threat to national security
recent cases of failures of information security
LO6 - 6.4 Protection measures
- Policies
staff access rights to information
responsibilities of staff for security of information
disaster recovery
information security risk assessment
effectiveness of protection measures
training of staff to handle information
LO6 - 6.5 Physical protection
locks, keypads and biometrics used on:
o workstations
o server room access
placing computers above known flood levels
backup systems in other locations
security staff
shredding old paper based records
LO6 - 6.5 Physical protection
locks, keypads and biometrics used on:
o workstations
o server room access
placing computers above known flood levels
backup systems in other locations
security staff
shredding old paper based records
LO6 - 6.6 Logical protection
tiered levels of access to data
firewalls (hardware and software)
anti-malware applications
obfuscation
encryption of data at rest
encryption of data in transit
password protection
Comments
No comments have yet been made