all 10 mark questions Flashcards
Q3) Discuss the importance of physical protection methods in maintaining the integrity and safety of parcels during transit (10)
Mark Scheme:
They help prevent damage, theft and loss, ensuring that parcels reach their destinations intact is crucial for customer satisfaction.
GPS tracking systems can be installed in the courier’s vans to monitor real-time locations, which helps in tracking any potential issues during transit
Biometrics, which require human characteristics such as fingerprints, to ensure that only authorized personnel can handle the parcels. Ensures only staff and verified couriers can access sensitive areas.
Locks on delivery vans and storage facilities, preventing unauthorized entry into storage areas or delivery vans, reducing the risk of theft or tampering with parcels, therefore PHPS maintains customer trust.
Customers can track their information. Tracking info can be sent by email.
Discuss the benefits and limitations of using this communication method. [10]
Benefits
- Emails are delivered extremely fast
when compared to traditional post.
- Emails can be sent 24 hours a day,
365 days a year.
- Webmail means emails can be sent
and received from any device,
anywhere in the world, that has an
internet connection
-Cheaper than using traditional post
- Emails can be sent to one person
or a group
- Attachments can be sent
Limitations
- The recipient needs access to the
Internet to receive email.
- Viruses are easily spread via email
attachments
- Phishing
- No guarantee the mail will be read
until the user logs on and checks
their email.
- Possible incompatibility between
system for opening attachments
- Emails may go into junk/spam
folder and be deleted without being
seen
- Is not always guaranteed to be
delivered
PHPS holds personal details relating to its customers registration details when logging onto the PHPS website.
Discuss the impacts of the Data Protection Act (DPA) on PHPS when handling this personal information. [10 marks]
A data controller must be appointed and register with the Information Commissioner. This person is responsible for ensuring PHPS complies with the DPA.
PHPS should then follow the 8 principles of the DPA when handling customer’s personal information.
They need to be CLEAR to the customers on what type of INFORMATION (e.g payment details, names, contact numbers…etc) they are collecting & what they are using it for which is to MANAGE PARCEL DELIVERIES.
Also the data should be relevant to them managing parcel deliveries, while also checking the data is ACCURATE AND UP TO DATA prior to making parcel deliveries.
Once the deliveries are completed, they should remove the data.
Finally, they need to make sure the data is secure by implementing security measures (e.g encryption) and doing regular data backups. This then prevents another breach from happening again, and them then having a loss of reputation / a decline in customers + trust.
Their customers also have the right to modify their data if it is incorrect through them making a SAR (Subject Access Request)
When PHPS operates internationally what should it make sure other companies do ?
they should make sure the other companies comply with the DPA act as well/ or get consent from the customer for when they are handling their data.
Consequences to PHPS for noncompliance with DPA
Consequences:
~ Damage to reputation
~Loss of customers / MAT
~Less income for PHBC
~Increased costs
~New hardware
~New software
~New security protection
~Staff training
~Loss of trust
~Customers / MAT who have
contact data stored
PHPS company recently had a breach in security relating to its customer
database.
Explain how the Computer Misuse Act (CMA) has been broken during this security breach. [6]
Makes it illegal to gain unauthorised
access to computer material (1) the
breach (1) means that access has
been gained (1)
Unauthorised access with the intent
to commit further offences (1) data
may have been stolen (1) to enable
identity theft to take place (1)
Unauthorised alterations may have
been made (1) account details may
have been changed (1) to the
benefit of the hackers (1)
Examples include:
-The breach means that access has
been gained to the hardware /
software
-Changes to data / information may
have been made
-Data / information may have been
stolen
-Identity theft may occur if personal
details have been stolen
-Details may have been changed to
the benefit of the students
Discuss the importance of PHPS collecting good quality information when managing parcel deliveries
. [10 marks]
Good quality information is accurate, reliable, valid, up-to-date, relevant, and complete. For a courier service like PHPS, this ensures smooth operations, customer satisfaction, and legal compliance.
Accuracy:
Ensures customer addresses, contact numbers, and parcel data are correct.
Prevents misdelivery or failed collection.
e.g., If a postcode is wrong, the parcel might go to the wrong location.
Validity:
Data like tracking numbers follow a specific format (LLNNNNL) — this helps in easy identification and traceability of parcels.
Real-time GPS data helps couriers navigate effectively.
Completeness:
PHPS must collect all relevant details: name, email, address, phone, payment info, and parcel contents.
Missing information could delay or prevent a successful delivery or registration.
Relevance:
Only essential info should be collected to meet GDPR requirements.
E.g., collecting unnecessary personal details could be seen as intrusive or unlawful.
Reliability:
Customers rely on tracking data and SMS/email updates, so the data must be consistently correct and accessible.
🧠 Link to LO2.2:
According to LO2.2, quality information allows better decision-making, greater efficiency, and helps organisations like PHPS avoid financial loss and reputational damage.
Discuss the possible impacts that poor quality information could have for PHPS. [10 marks]
Poor quality information can have serious negative effects on PHPS’s operations, reputation, and customer satisfaction.
One major risk is misinformed decision-making. If the data collected from customers is inaccurate, not valid and irrelevant —such as incorrect delivery addresses, contact numbers, or parcel details—couriers may struggle to deliver parcels efficiently.
Negative impact of poor quality information:
* on reputation due to negative reviews from
customers online.
on ability to respond to customers’ needs.
on delivery times caused by inaccurate stock
information.
on profits due to poor management decisions
based on out of date information.
on sales due to declining customer base.
on returns as incorrect items sent out due to
unreliable order details.
The booking parcel collection and delivery service website holds details of the parcel collections booked by customers.
Discuss how logical protection methods could be used to maintain the security of the booking parcel collection and delivery service website. (10)
A discussion of the logical protection methods that could be used to maintain security to include: Indicative content
· Tiered levels of access to limit accessibility to the customer’s personal details. (Example: customer addresses, their payment details, tracking numbers…etc.) This can be used with user ID & passwords to set the access level. The access levels can be related to a person’s job role and what the person is allowed to do with the personal details e.g. read / write / edit. This protects the customer details from being accessed without authorisation.
Firewall to monitor network traffic/data packets that could be harmful to the PHPS website. The traffic that does not meet the pre-defined rules will be denied access. ·
A password restricts access to the database so without a correct password the contents of the website/database cannot be accessed · Passwords and user ID can be combined to authenticate the user so access to the PHPs website/ database can be limited to a specific group of users
· Obfuscation can be used to make the personal details unintelligible. · Encryption of the personal details at rest, the personal details are encrypted when they are stored. If the device is hacked or stolen then, without the decryption key, the data cannot be unencrypted.
Discuss how the principles of information security, including the risks and impacts, should be considered by PHPS when handling customer and delivery information, to stop a data breach from occuring again. (10)
Principles: The key principle of confidentiality means that only authorised PHPS staff should access customer details such as addresses, payment information, and tracking data. For example, only employees who are managing deliveries or customer accounts should view or edit this data. Integrity is also crucial; the data must be accurate and up-to-date. If a customer’s address is recorded incorrectly due to poor data handling, parcels could be delivered to the wrong location, causing major customer dissatisfaction. Additionally, the principle of availability must be upheld, meaning that customer and parcel tracking information should always be accessible when needed, such as when a customer checks the status of their delivery.
Risks:
There are several risks, such as unauthorised access to data, if hackers break into the PHPS system this could result in data theft of customer’s sensitive information, or accidental loss of parcel information through equipment failure could then lead to the website crashes. Having the data be intentionally changed, will then cause wrong delivery updates.
Impacts:
The impacts could be serious. If PHPS loses customer trust due to a data breach, it could damage their reputation and lead to a loss of business. If tracking information is lost, parcels might not be delivered on time, causing customer complaints. Breaching data laws like GDPR could also lead to fines and legal problems for PHPS.
To prevent this, PHPS should have strong security measures like passwords, encryption, and regular data backups.
