Information Management and Security
Business Brief for Tasks 2 & 3
Graeme’s Music School is a small, but rapidly growing business operating out of Geelong. The business began as a means for Graeme to follow his passion for playing guitar and offering music lessons for both adults and children. As much as he enjoys playing live music, it is not a very profitable occupation, so Graeme also teaches music.
Within a year of beginning this business Graeme was approached by other teaching musicians looking for opportunities to teach students various instruments and singing styles. Not long after, he became an agent for selling Australian made acoustic Maton and Cole Clark guitars (see:www.maton.com.au and www.coleclarkguitars.com). While most of his guitar sales are mostly local from Victoria, there have been online sales to all Australian states and territories
Three years later, Graeme finds his online and off-the-shelf acoustic guitar sales is making a reasonable income from the 20% commission that he charges both
manufacturers for one-of orders for individually built, bespoke guitars made for
individual orders and 50% markup for regular acoustic guitars sold off-the-shelf on the business premises and through the online businesses.
The music school side of the business has also expanded, and he has 15 musicians who are teaching music into groups of students organised into classes;
and the demand is still increasing. Approximately two thirds of the classes are for school age children, and one third is for adults. The music school keeps track of which musicians have a “Working with Children Check” card and its expiry date, and the age of musicians to ensure that only approved adults can teach children
Graeme’s Music is now carrying out the following core business operations:
Acting as an agent for Maton and Cole Clark Guitars to arrange orders for bespoke acoustic guitars
Online and off-the-shelf sales of regular acoustic guitars
Booking students into classes that music teachers teach
Booking music teachers to teach classes of students
So far, his business has been operating with temporary notes scribbled on notebooks in combination with a series of disorganised spreadsheets. But these tools are becoming inefficient and increasingly inapt at managing the growing demands of the business. A transition to an information system is urgently needed
Task 2: EER (Enhanced Entity-Relationship) Model
You are employed as a business analyst at Dalton Innovative, a business consulting firm. Your task is to investigate and develop a data model (an EER model) for the back-end database in the newly proposed system. The back-end database will store all the critical data and support all core business operations mentioned above.
EER diagram should contain the following components: Entities, named relationships, attributes (with primary keys denoted), any subtypes and cardinalities for all relationships.
NOTE: The design of any payments system is outside the scope of this work.
TASK 3: Security Research Report
After being alarmed by the recent security incidents reported in the media, Graeme decodes to employ a part-time System Administrator to manage system security.
Identify 6 security threats to the proposed system (Select from a mix of threat categories: Internal versus external, deliberate versus unintentional).
Classify each threat on a probability-impact matrix and explain your reasoning for the classification.
For each threat which of the risk control measures would you reccomen3ed? Justify your selection. If you have opted for avoidance or mitigation of risk, clearly explain the policies, measures or strategies that need to be put in place to achieve the desired outcomes.
