Lets do some risk analysis on Trent's information assets. Trent stores many types of information and three of these are: Faculty information (username, password, department, etc.), Finance (student loan information, tuition payments, etc.) and Nonacademic staff information (names, addresses, employment history, etc. of everyone who works at Trent that is not directly involved in teaching or marking). Only part D needs answering all other answers are incorporated into these questions.

a) Describe who would want to illegally access this type of information and why:

Faculty data are sensitive data. It includes username password and like this. The cyber attackers are a breach of this type of data. Attackers can access the bank accounts attackers can illegally access the financial information of students and non-acadamic staff information. Using each detail, attackers can misuse the details or steal sensitive data.

b) Consider what the impact would be for EACH of the three types of information mentioned above if the information was improperly accessed or damaged:

Because of this information access, it creates various problems. It affects individuals and the institution loss it's reputation, This access lead to many consequences. it causes cyber threatens. Once attackers read data, they can also make changes in data. Depending on the data, the consequences are leaking confidential information, corruption of database etc. Through this, they access personal information and financial.

c) The likelihood is that EACH type of information could be accessed or damaged:

faculty- very likely

financial- very likely

non-academic -very likely

d) [6 marks] Now lets look at how we can manage the risk. Basic techniques are: avoiding the risk, modifying the risk (impact and/or likelihood), transferring the risk to others, and accepting the risk. What techniques would you use for EACH of the types of information and how would you implement it?

This is all the info given in the question. It contains answers from a pervious post but since the question was too long it needed to be reposted for part d