Information that comes from within an organization.
Internal financial reports, such as the level of sales being made in different markets or the cost of running the transport fleet of lorries; or market analysis, which is internally produced report into how international and national markets are faring.
External source:
Information that comes from outside the organization.
Supplier price lists of products and the price charged for them, and financial reports from a third party, which would have the same focus as internally produced financial reports, but would be produced by someone outside the organization.
Primary data
Data that you collect, rather than buy from a third party.
Reports that have been created by employees, such as the result of a period of observation outside a cinema, counting how many males and females went in.
Secondary data
Data that has been collected by others outside the organisation.
Includes survey results that have been collected for a different organisation or factual information provided by third party, such as the prices charged by an organisation.
Qualitative data
Data that describes.
Their opinion about a new initiative.
Quantitative data
Data that has been gathered by measurement.
The number of staff working in an organization.
Level 0 DFD
Sometimes called 'context diagrams'
Show a data system in little detail, but allow the user to get an idea of how data flows through a system as a whole.
Show the transfer of data in a simple manner
Data may be generalized and not shown separately, for a more basic overview.
Level 1 DFD
DFDs that focus on one system and are therefore in more detail than a level 0 DFD.
Show the transfer of data in a more detailed manner.
Processes are shown separately, for a more complex and realistic overview.
what does this standard symbol represent?
external entity
what does this standard symbol represent?
process
what standard symbol represent?
data store
what does this standard symbol represent?
data flow
confidentiality
Information can only be accessed by individuals, groups or processes authorized to do so
integrity
Information is maintained, so that it is up to date, accurate, complete and fit for purpose
availability
Information is always available to and usable by the individuals, groups or processes that need to use it
Unauthorized or unintended access to data
e.g. espionage, poor information security policy.
Any time data is seen or used by those who should not see or use it. The reasons may be deliberate or accidental.
Impacts: competitors may gain an advantage from seeing it,
Accidental loss of data
e.g. human error, equipment failure.
Accidental loss refers to a loss of data itself rather than a loss of a copy or version of the data
Can be caused by human error
Can be caused by a technical error or equipment fault- backup failure.
Impacts: if the lost data Is personal- DPA breach- prosecution.
Intentional destruction of data
e.g. computer virus, targeted malicious attack generally seen as being motivated by a desire to harm the organization that holds the data. Examples include computer viruses that delete or encrypt data that is held or targeted attack that involves a third party accessing the data and deleting it. 1. data needs to be replaced, which could result in loss of reputation and trust as well as costing money 2. the loss can be ignored this means any positive impact of being able to use the data is also lost.
So the impact depends on the relevance of the data lost.
Intentionaltampering with data
Tampering with data means that data is changed in some way, but is still available. there are a number of reasons for this. the impact on the data the data-holding organization would be that decisions based on that data would be flawed. A secondary impact may be a negative effect on the reputation of that organization, as they are seen as having poor data security.
impacts affecting the flow of information:
information characteristics e.g. info is entered incorrectly, causing delays.
human error e.g. info is lost or staff dont follow protocol.
communication breakdown e.g. meetings postponed
hardware failure e.g. network connection breaking or system failure.