Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Discussion Board Peer Responses

Please see attachment 

Discussion Board Peer Responses

In responding to your peer’s posts, be sure to do the following:

• Ask at least one relevant question regarding their example scenario
and the roles defined within their RACI matrix.

• Discuss similarities and differences between your approach and that
of your peers; be sure to explain your line of thinking.

Peer 1:

Nathaniel

I used scenario 1 where in a healthcare organization, there is a need to
manage patient data securely, but beyond HIPAA, there are no explicit
regulations guiding data privacy practices. While HIPAA has regulations
around what to protect and guidelines around what can be shared, the how
you protect it is more open to a companies discretion.

This is where using the RACI matrix can be very useful. It structures who is
responsible, accountable, consulted, and informed in the development and
implementation of securing of sensitive data. From personal experience,
when there is a breakdown in following RACI matrix and including all
responsible parties, either a product is unable to be delivered or it does not
meet the business needs. For example, in one of my roles a business analyst
(responsible party) met with the customer without the developers (also
responsible party). The business analyst proceeded to tell the customer how
the application could be built, not realizing the data could not be brought
together the way they had described to the customer. This caused multiple
additional meetings and design sessions to get the customer to accept what
actually could be done vs what they had initially been offered. This same
scenario would apply when it comes to safeguarding data by designing the

application properly. A business analyst would not want to meet with a
customer, gather requirements, and commit to the customer what can be
done without including other responsible/accountable parties first. This will
ensure that the data the customer wants follows security guidelines and is
actually available to the customer.

For responsible parties you would have roles such as business analysts and
developers, those that get the work done. For accountable parties you can
have roles such as product owners and project managers, ones that make
sure responsible parties are meeting deadlines and that the project is
completed. For consulted parties you would have roles such as information
security and cybersecurity, making sure the project meets legal/security
guidelines. With how critical legal/security rules are, the consulted parties
would be involved throughout the process and help avoid rework for
developers. Finally you have the informed parties such as business owners
and stakeholders, ones that typically see the big picture of the project and
need to be kept in the loop on the milestones being met.

When there are no guiding regulations about handling sensitive data, start
by questioning if just because something can be done, should it. You can
use data to present the facts in a way that fits your narrative but not
entirely true, which would not be ethical and can result in poor decision
making. There is also the opportunity for data misuse, such as using data
collected in new ways. While this may not be a legal concern, it could be an
issue with how customers perceive it. Someone else had mentioned in their
post a couple weeks ago about Google actually gathering data when
someone is using incognito. This damaged customer trust, which is one of
the hardest things to get back.

Peer 2

Dan

In an e-commerce company that operates in a jurisdiction with limited regulations, accountability,
and responsibility is paramount when handling customer data. The Responsible-Accountable-
Consulted-Informed (RACI) matrix can be vital to keep employees informed on their roles in the
data handling process from the beginning to the final task. One of the main stipulations of the
RACI matrix is that “to foster accountability, tasks should not have more than one A entry in the
matrix to avoid diffusion of responsibility” (Ucertify, 2023). Essentially, by keeping one person
assigned to the A role for each task, the accountability lies solely on them and the blame cannot
be passed around if things fail. The other 3 roles are equally as important, as R is assigned to
people who will do the task, and C is for those who provide insight. I is for employees who will be
informed about the task but will not participate in its completion.

For the example of an e-commerce company, a few examples of individuals/departments
that may be involved in the matrix include a Data Protection Officer (DPO), Information Technology
department (IT), legal counsel, and management. One common task that could be used an
example as of where their RACI matrix responsibilities lie would be the collection of data. The IT
department would be assigned with the R role and be responsible for ensuring the system
collecting the data is secure and safe. The DPO would have the A role and be accountable for the
collection of the data and whether it follows the limited regulations that are in place and that
customer data is being protected. The legal counsel will be the C in the matrix as they will be
consulted by the prior two groups on how to set up the data collection systems per the pre-
established rules and regulations. The final part of the matrix is the I and that belongs to
management who will be informed of the process and success or lack thereof by the previous three
groups in regards to the task at hand.

In this example, because there are limited regulations that are currently in place, it can be
helpful to look at outside resources that can help guide the handling of sensitive data. One such
source is the General Data Protection Regulation (GDPR). While the GDPR may only be in place for
companies residing or doing business in the EU, it provides a great framework for businesses
outside of the EU to follow and build their specific regulations around it. Other industry best
practices can also be followed and consultation from a legal team who specializes in such
information can be invaluable.

References

Ucertify. (2023). Dat-250-14280: Certified Ethical Emerging Technologist. Lesson 8.

Ucertify.

  • Nathaniel

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

Article

Assignment Instructions Scenario: Technical managers are often required to explain technologies and make business cases to leadership.  Technology managers need the skills to summarize and assess technical articles and publications.  Then they need to make and pitch a business case to non-technical leadership/executives.  In my experience, managers that are capable of

CASE STUDY 4303

See attached. Policy Writing Approach Refer to “Case Study: Policy Writing Approach” found on page 102 of your textbook and copied below. Regional Bank has been growing rapidly. In the past two years, it has acquired six smaller financial institutions. The long-term strategic plan is for the bank to keep

SLP 3 – 25

Please help me Module 3 – SLP E-Business, E-Commerce, and M-Commerce The trouble with credit cards online is providing your credit card credentials to a seller. With companies such as PayPal, you do not have to provide those credentials to the seller and your credit card credentials are with the

Case 3 – 25

I need help Module 3 – Case E-Business, E-Commerce, and M-Commerce Assignment Overview The Case Assignment for this module involves your understanding the e-business sector as a component of the information technology revolution that is evolving from Web 2.0 to Web 3.0. As usual, we have identified some salient sources

SLP 2 – 25

I need help with my homework assignment!  Module 2 – SLP IT Services and Cloud Computing If Cloud computing is the greatest thing for business since sliced bread, then by extension, it certainly ought to be the greatest thing for education since chalk. In point of fact, a relatively large

Case 2 – 25

Need help please Module 2 – Case IT Services and Cloud Computing Assignment Overview The Case Assignment for this module involves thinking systematically about the IT services movement in general and about cloud computing as a particular instance of that approach. You will start by reviewing a number of sources

SLP 1 – 25

Need help with my homework Module 1 – SLP Web 2.0 and Social Networks The purpose of the Session Long Project in Trident University classes is to give you the opportunity to explore the applicability of the module to your own life, work, and place in space and time, and

Case 1 – 25

I need help with my homework please.  Module 1 – Case Web 2.0 and Social Networks Assignment Overview In this Case Assignment, you are exploring the technological underpinnings of the Internet. The objective of this Case is to better understand the evolution of the Web from Web 1.0 and Web

SP DB

See attached. In your own words, please discuss a cybersecurity policy with which you are familiar. The example can come from work, school, or a business relationship. You can also research organizational policies posted online. Give a brief description of the policy. What is the purpose and value of the

Changes in existing interview question for Info I’m attaching th topic

Topic:   Enhancing Cybersecurity in IoT Networks: A Comprehensive Study on Threat Detection and Mitigation Strategies · Details about the research (Background, methodology, research questions) · ·  The rapid proliferation of IoT devices has opened up new avenues for cyber threats. Securing these devices has become increasingly complicated, as over 75 billion

Active directory automation

Need help to get an assignment done. Requirements are VMware, windows server core (not the full GUI). PowerShell Automation for Active Directory Submission Template Screenshot 1 Onboarding New Users from CSV Single screenshot showing: Script output (e.g. “Created user: jdoe”). Get-ADUser results for those SamAccountNames. Your custom prompt (server name

HIMS 11

  Assignment Instructions:  Using the Patient Healthcare Data in the attached Excel file (attached below), construct a 3-D Clustered Column Chart depicting the three healthcare parameters (weight, height, age), and title this chart ” Patient Healthcare Data” at the top center and show Legend at the bottom. After reviewing the

Governance, Ethics, and Security

 Assume the role of an IT security consultant who has been contacted by a company to provide them with a written code of IT conduct for its employees and a security policy for the firm. In preparation for undertaking this large job, prepare a proposal explaining what topics you will

Cloud-Based Management and Analytics

Final Project Topic: (5 pages research paper) Topic: Data Management and Analytics: Explore how enterprises use cloud-based data management and analytics tools to drive business decisions and gain competitive advantages. Competitive advantages through cloud analytics: Citation: Cooper, A. (2020). How Netflix Uses Big Data and Analytics to Drive Success. Forbes.

Powtoon commercial

see attached file Powtoon Commercial Project Do not pay for anything on this site! Learning animation can be very challenging yet very fun. Navigate to the Powtoon website, click Pricing in the top menu, scroll down, and click FREE Start Now $0 free. Create an account if you do not

HIMS W12D12

 What is Big Data in healthcare? How is it generated in a typical healthcare facility, like a hospital? What two common formats are used, and what are the advantages and disadvantages of each? How is this data used for unraveling hidden trends, strategic planning, and operational decision-making?  What are the

INFA W12D12

  In the discussion this week, you and your peers are asked to consider and discuss information security career pathways relevant to your personal goals and career plans. Where are you currently in your career? What is the next level up or sideways for you in your desired career field?

CASE 4 – 40

i need help please Module 4 – Case Database Systems and Knowledge Base Assignment Overview The Case Assignment for this module considers the emerging and important trend toward what is called “open-source software.” The Background Information contains material regarding this movement; its effect is being felt in many different areas