Information Security At Woolworths Assignment Answers


  • Internal Code :
  • Subject Code :
  • University :
  • Subject Name : IT Computer Science

Informed Trading and Cybersecurity Breaches

Table of Contents

Executive Summary.

Introduction.

Description.

Conclusion.

References.

Executive Summary of Information Security at Woolworths

The report explains about the requirements of securing information and personal information in Woolworth. This report concludes the requirement of collecting information from customer and also gives details about the importance of developing the security system. The different threats and vulnerabilities are also explained.

Introduction to Information Security at Woolworths

Woolworth is the largest supermarket of Australia having the most trusted and famous brands for retail purpose. This is owned by the Woolworths group and founded in 1924. It provides a huge variety to the huge number of customers through online and offline both modes. The operating team of Woolworths is consists of 2, 01,000 team members and works across Australia with 3000 stores to serve 29 million customers (Woolworthsgroup.com.au. n.d.). Woolworths have direct contact with the farmers and growers to ensure the best and fresh quality of products. Also they give a slogan “Australia’s Fresh Food People” for promoting the freshness of products produced by Australian farmers. Woolworths provides innovative and simple ways to the customers for shopping comfortably and conveniently. Woolworths also helps the customers in operating the app of Woolworths Supermarket. Woolworths provide large variety in home ware, food, fashion and beauty. Woolworths are specialized for groceries products like fruits, vegetables, meat and packed food items but also provides DVDs, beauty and heath products, baby and pet supplies, household products and stationeries. Woolworth also provides services of home delivery therefore known as “Home Shop”. Woolworths provides loyalty schemes to their customers after purchasing to a certain amount of products.

Description on Information Security at Woolworths

The term infosec used for information security system and main motive is to protect the personal information and data and timely identification of threats and challenges so that organization works effectively with its strengths and opportunities (Biyela, 2018). The Information security team identifies the threats of company in various forms like theft of information, theft of data, theft of property, software equipment, theft of equipment. Information security team implements various techniques and strategies for preparing security policies. Woolworths provides various rewards and credit card facilities to their customers with the incentives and discounts. For taking cards the customers have to give their details for registration. Therefore it is very essential for the Woolworths to retain their customer’s information safely and for long period of time. Woolworths provides their privacy policy to general statement so that they feel safe in sharing their personal information with Woolworths. The Privacy Policy contains following points (Woolworths Group Privacy Policy, 2018):

Respecting your privacy: The Woolworths are committed with their privacy policies and laws related to customers and organization. The privacy policy outlines the personal information of management practices like: The type of information they collect and retain, how they collect and retain, the purpose of collecting and retaining the information, provide right to alter or check the information, process of complaining for privacy matters, able to see the sharing of information (Woolworths Group Privacy Policy, 2018).

Type of personal information Woolworth collects and retains: Only necessary information is collected and retain in the business. They collect information like: Personal details such as name, contact number, addresses, age and gender; customer’s reference of loyalty card number; the offerings taken by customers like clubs program, mobile applications, loyalty programs and financial service products; details related with rewards and redemption of membership of loyalty programs; relation with any member of loyalty program. Various products and services demands information regards health also. For example in case of selection of mostly sugar free items, information must be collected from customer about diabetes for suggestion of more products.

How they collect and retain the personal information: The personal information is collected for recording purpose when organization wants to register the customer, create an account, communicate with the, invite them for participating in promotions, surveys, testimonials and competitions. Also Woolworth can collect the data for assessing the taste and preferences of customers. Such data are collected when customer go through websites, social media accounts or mobile applications of Woolworths. Also the preferences are recorded by clicking over the online advertisements. Most of the information is collected directly from customers and some information is indirectly taken from third source or common source (Govender, 2017).

Why they collect, hold, use and disclose the personal information of customers: The information are collected for promoting goods and services of Woolworths. For getting the tastes and preference in which mostly customers are interested. Collect information for investigating about the complaints and enquiries of customers. The information is disclosed only to the group of organization for promotion and informing the customers about the sale of goods and services. Also the information is disclosed after taking permission of law or from the customers. The main aim of collecting data is to know about the preferences of customers and marketing the products and services of their preferences.

How customer can access and alter their information: Woolworth provides information of how customer can access their personal information except in some restricted circumstances by law. If any customer want to access or change its information then they can contact with Privacy officer at privacy@woolworths.com.au or by calling us on 1300 908 631(Woolworths Group Privacy Policy, 2018). Alternatively, customer can write to Woolworth at:

Privacy Officer
Woolworths Group Limited
PO Box 8000
BAULKHAM HILLS NSW 2153

The access of personal information is provided to anyone third person after confirming the identity through any identity proof only and also charge a nominal fee for giving access.

How any customer can complain about the management of personal information?: If customer want to complain for the breach of policy rules, then he/she may contact to Privacy Officer at above mentioned details. The complaint must be provided in written to them. Discuss the complaint with the members working in the organization. Privacy Officer will investigate about the whole matter and try to resolve as soon as possible (Woolworths Group Privacy Policy, 2018). If Privacy Officer is unable to solve the problem then it will proceed to the Privacy commissioner for further investigation and also provide details of Commissioner to the customer.

Woolworths will share the information only with trusted service provider for processing and storage of information. Woolworths advertises for its first Chief Information Security Officer (CIFO) in January 2015 for strengthening the infosec credentials (Coyne and Coyne, 2015). The chief information security officer takes the responsibility of data security and information about the organization. The CISO have following responsibilities:

Security Operations: Analysis of the immediate threats during real-time and take action in case of some wrong or misleading activities.

Cyber risk and cyber intelligence: Develops the security threats and help in understanding the possible security problems due to various business moves.

Loss of data and prevention from fraud: The team ensures that there will be no fraudulent activities involved in organization and keep eyesight over the internal staff.

Security architecture: CISO plans and prepare the security hardware and security and also design IT and network infrastructure with good security practices.

Identify and access management: CISO ensure that the data and systems must be operated by the authorized persons only.

Investigations: Examine properly the wrong activity in breach; ensure that no such activity will occur in future.

Governance: They ensure that organization workings run smoothly. No disturbances will be in operations of organization.

For protecting the organization and customer’s personal information, organization develops strategy. The planned strategy for security system helps in identifying threats timely and protects the sensitive data from thefts. It helps in retaining the information confidential (Puckett, C., 2009). Top management and administration level plays major role for developing the safety and security policies because they are at the most top authority and very well know about the organization and importance of the privacy of information. For developing the security strategy and safety awareness policies requires huge time, efforts and money.

There are some threats and vulnerabilities for company’s network:

Mobile madness: There are many people who will access the apps and websites through phone rather than the computer. Due to this malware is increasing and it makes difficulty in managing and retaining the company’s network for internal and external users.

Third Party: The business organizations generally contact to the third parties for the work and information. There may be chance of theft of the information by that third party for their personal use and also they may provide data of one organization to another competitor for earning extra profits.

Technical advancements: The techniques have both opportunities as well as threats to the organization and consumers. As the latest technology make everything comfortable but it also increases the risk. There may be chance of theft of personal information and bank details etc through advanced techniques. For example: Doing transaction through credit cards will share bank details on internet which must be encrypted for protecting the details from threats. The U.S. Government adopt good and advanced encryption standard of 256 bit keys for controlling the attack through outsiders (Studevent 2019).

Hackers: as the technology gets advanced, the humans are getting more advanced. The information and accounts are easily hacked by hackers nowadays. That is the serious issue because it will disclose all the information about the person.

Cyber security: It is the most important concern for Woolworths because the threat or cyber security breach will affect the reputation of organization and decreases the value of the firm among investors (Mitts and Talley 2019).

For developing a complex security policy and strategy top authority needs to examine all constraints. The user community consists of individual or groups ensure the success of policy and strategies developed. For developing best strategies and policies of safety, team required specialized person like technical expert, computer specialist, and professional person for internet security, system administrator and designer. The stakeholders of strategy developing team have to analyze each and everything very carefully because it is the matter of safety of personal information and reputation of organization. Also the companies can create public relations for spreading awareness among the general consumers about the Safety and security policies followed in organization. The privacy policy are applied to every individual working in Woolworth or working for the Woolworth Limited in New Zealand, Australia and overseas.

Conclusion on Information Security at Woolworths

The information security is the most important task for an organisation. The personal data and information of the customer with Woolworth are serious matter of concern. The motive of information security team of Woolworth is to manage and retain data carefully and privately. This will helps the organization in protecting data and developing the strategy for safety, security and retain that in the systems for future purpose. Woolworth deals with multiple products like groceries, DVDs, stationary items, health and beauty products, etc and provides discount and rewards according to the amount of purchase. So it is compulsory to retain exact and true data and information of the person and its purchase. By conveying the security policies to general public, Woolworth stimulates the consumer to enter their correct information. It is necessary for all organizations to develop the policies and strategies through experts or specialists so that all information will be encrypted. The confidential information should retain in the organization or with third parties. The reports also plays important role for different interested parties in setting up the strategies and techniques for safety. The organizations must make a periodic audit for cyber security also. Also the organization has to provide training and guidance to its members about the threat and risk of information in organization. They must provide education to them also how carefully they have to work so that they will also prevent data from theft.

References for Information Security at Woolworths

Biyela, S.M., 2018. Marketing mix strategy adaptation in response to global economic crisis at Woolworths in KwaZulu-Natal (Doctoral dissertation).

Coyne, A. and Coyne, A., 2015. Woolworths Hires First-Ever CISO. [online] iTnews. Available at: https://www.itnews.com.au/news/woolworths-hires-first-ever-ciso-404338.

Govender, S., 2017. How social media can be used to engage and interact with consumers in the retail industry: an analysis on Woolworths' online strategies (Doctoral dissertation, The IIE).

Mitts, J. and Talley, E., 2019. Informed Trading and Cybersecurity Breaches. Harv. Bus. L. Rev., 9, p.1.

Puckett, C., 2009. The story of the social security number. Soc. Sec. Bull., 69, p.55.

Studevent, L.A., 2019. Consumers Perceptions of the Security of Personal Information in Bank Card Transactions (Doctoral dissertation, Robert Morris University).

Woolworths.com.au. 2018. Woolworths Group Privacy Policy. [online] Available at: https://www.woolworths.com.au/shop/discover/about-us/privacy-policy.

Woolworthsgroup.com.au. n.d. Woolworths Supermarkets - Woolworths Group. [online] Available at: https://www.woolworthsgroup.com.au/page/about-us/our-brands/supermarkets/Woolworths.

Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Computer Science Assignment Help


Book Online Sessions for Information Security At Woolworths Assignment Answers Online

Submit Your Assignment Here