BCS Business Processes

Question 1

What is the computer misuse act?

Answer 1

The CM act protects personal data held by organisations from unauthorised access to computer material.

Question 2

What is the data protection act?

Answer 2

The DPA protects the privacy of data held on individuals by businesses and other organisations. It makes sure the user has access to their data.

Question 3

What is the GPDR?

Answer 3

General Data Protection Regulation

It protects European Union customer data, and hopes to reduce the severity of security breaches of personal data on the web.

Question 4

What is ISO 27001?

Answer 4

International Standard for an ISMS (Information Security Management System)

Question 5

What is an ISMS

Answer 5

A system for managing information security effectively.

Question 6

Give me an example of how a business uses ISO 27001

Answer 6

regulating passwords for users

Controlling access to online sites

Managing the risk of supplies.
e.g. 3rd party providers

Question 7

Give me an example of using the computer misuse act?

Answer 7

Hacking into someones device

unauthorised access to someones files

Question 8

Give an example of using the data protection act

Answer 8

Having unauthorised access to confidential information.

Question 9

What are the first 4 data protection principle acts?

Answer 9

1. ) Personal data shall be processed fairly and lawfully
2. ) Personal data must be obtained and processed for specified lawful purposes.
3. ) Personal data shall be adequate, relevant and not excessive.
4. ) Personal must be accurate and kept up to date.

Question 10

What are the last 4 data protection principle acts?

Answer 10

5. ) Personal data shall not be kept for any longer than is necessary.
6. ) Personal data shall be processed in accordance with the rights of data subjects.
7. ) Personal data must be kept safe and secure at all times.
8. ) Personal data shall not be transferred outside the European area unless sufficient protection is ensured.

Question 11

Who enforces the data protection act?

Answer 11

The Information Commissioner’s Office (ICO)

Question 12

What is the difference between on premise and off premise?

Answer 12

On Premise: A solution hosted in house and usually supported by a third party.

Off Premise: A solution hosted by a third party and usually supported by a different third party.

Question 13

Define Infrastructure as a service (IaaS)?

Answer 13

A service model that delivers computer infrastructure to support operations

Question 14

Define Software as a serivce (Saas)?

Answer 14

A software distribution model in which a 3rd party provider hosts applications and makes them available to customers over the internet.

Question 15

Define Platform as a service (PaaS)

Answer 15

A Cloud computing model in which a 3rd party provider delivers hardware and software tools to users over the internet.

Question 16

What is the difference between Agile and Waterfall methods of software development?

Answer 16

The Agile method is known for its flexibility.

The waterfall method is structured towards software development.

Question 17

what is the GDPR

Answer 17

General Data Protection Regulation

The legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).

Question 18

How many principles are in the GDPR

Answer 18

7.

1. ) Lawfulness, fairness and transparency
2. ) Purpose Limitation
3. ) Data Minimisation
4. ) Accuracy
5. ) Storage Limitation
6. ) Integrity and Confidentiality
7. ) Accountability

Question 19

What is a standard operating procedure (SOP)

Answer 19

a set of step-by-step instructions compiled by an organization to help workers carry out complex routine operations.

SOPs aim to achieve efficiency, quality output and uniformity of performance, while reducing miscommunication

Question 20

Give me some examples of confidential information

Answer 20

• bank details,
• contact information
• date of birth, name and age

Question 21

What is confidential information

Answer 21

any information or document that a business or individual wishes not to make public.

Question 22

What is not classed as non-confidential information

Answer 22

Any information or document which is open to the public.

Question 23

What is an example of non-confidential information

Answer 23

Census records

Question 24

What are the benefits of using SOP’s

Answer 24

• Efficiency
• Save on Training Costs
• simplify performance management

Question 25

What is a disaster recovery plan

Answer 25

a plan for business continuity in the event of a disaster that destroys part or all of a business’s resources, including IT equipment, data records and the physical space of an organization.

Question 26

What is an IT disaster recovery plan

Answer 26

The plan should include a strategy to ensure that all critical information is backed up. Identify critical software applications and data and the hardware required to run them. Prioritize hardware and software restoration.

Document the IT disaster recovery plan as part of the business continuity plan.

Question 27

what is the freedom of information act 2000?

Answer 27

A right of access to all types of recorded information held by most UK public authorities

Question 28

What are the 8 principles of data protection?

Answer 28

1. ) Fair and Lawful
2. ) Specific for its purpose
3. ) Be adequate
4. ) Accurate and up to date
5. ) Not kept no longer than needed
6. ) Take into account peoples rights
7. ) Kept safe and secure
8. ) Not to be transferred outside the EU