ASSIGNMENT 1 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 17: Business Process Support

Submission date 25/2/2024 Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Nguyen Nam Truong Student ID BH00704

Class IT0603 Assessor name Dinh Van Dong

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature Truong

Grading grid

P1 P2 P3 P4 M1 M2 D1
 Summative Feedback:  Resubmission Feedback:

Grade: Assessor Signature: Date:

Internal Verifier’s Comments:

Signature & Date:

Contents
I. Introduction ............................................................................................................................................. 5
II. Content .................................................................................................................................................... 6
P3 Discuss the social legal and ethical implications of using data and information to support business
processes. ..................................................................................................................................................... 6
1. Social Implications ........................................................................................................................... 6
2. Legal Implications ............................................................................................................................ 9
3. Ethical Implications ........................................................................................................................ 12
P4 Describe common threats to data and how they can be mitigated on a personal level. .......................... 14
1. Malware and Ransomware: ............................................................................................................ 14
2. Data Breaches: ............................................................................................................................... 14
3. Social Engineering Attacks: ............................................................................................................ 15
4. Insider Threats: .............................................................................................................................. 16
5. Physical Threats and Natural Disasters: ......................................................................................... 16
III. Conclusion ......................................................................................................................................... 17
IV. References .......................................................................................................................................... 18
Figure 1: Privacy Concerns ............................................................................................................................................ 6
Figure 2: Inequality and Discrimination ........................................................................................................................ 7
Figure 3: Digital Divide .................................................................................................................................................. 7
Figure 4: Manipulation of Public Opinion .................................................................................................................... 8
Figure 5: Consumer trust .............................................................................................................................................. 9
Figure 6: Data protection laws .................................................................................................................................... 10
Figure 7:Intellectual Property Rights: ......................................................................................................................... 10
Figure 8:Consumer Rights and Consent:..................................................................................................................... 11
Figure 9:Transparency ................................................................................................................................................ 12
Figure 10:CSR .............................................................................................................................................................. 13
Figure 11: Malware and Ransomware ........................................................................................................................ 14
Figure 12:Data Breaches ............................................................................................................................................. 15
Figure 13:Social Engineering Attacks .......................................................................................................................... 15
Figure 14:Insider Threats: ........................................................................................................................................... 16
 I. Introduction
In an era defined by rapid technological advancements and dynamic market landscapes, the role of data and
information in shaping the success of organizations cannot be overstated. This report delves into the
transformative impact of leveraging data for informed decision-making and operational excellence, using
real-world examples and insights.

As businesses navigate through unprecedented challenges, the ability to harness data becomes a strategic
imperative. The report not only explores the significance of data-driven approaches but also provides a
comprehensive understanding of how organizations can adapt and thrive in an environment where
information is key to success.

Join us on this journey as we examine case studies, best practices, and emerging trends in leveraging data
and information across diverse industries. From enhancing customer experiences to optimizing internal
processes, the report aims to be a valuable resource for leaders, decision-makers, and professionals seeking
to unlock the full potential of data in their respective domains.

Let us embark on a comprehensive exploration of the data-driven landscape, where information isn't just a
tool but a catalyst for innovation and sustained success.
 II. Content

P3 Discuss the social legal and ethical implications of using data and information to support
business processes.
Using data and information to support corporate activities has a variety of social, legal, and ethical issues.
Organizations such as ABC Manufacturing must evaluate these implications in order to ensure responsible
and compliant data use. Here are some crucial points for discussion:

1. Social Implications
Privacy Concerns:

The advent of big data and advanced analytics has raised significant privacy concerns among individuals.
As businesses collect and analyze vast amounts of personal data, individuals become apprehensive about
the extent to which their privacy is respected. The transparency of data collection practices becomes
paramount, and organizations must clearly communicate the purposes for which data is being used.
Implementing robust security measures to protect sensitive information is crucial in alleviating privacy
concerns and maintaining trust among stakeholders.

Figure 1: Privacy Concerns

 Inequality and Discrimination:

Data-driven decision-making processes, particularly those relying on algorithms, may inadvertently

perpetuate existing societal biases. For instance, automated recruitment systems might favor certain
demographics, potentially leading to discrimination in hiring practices. Organizations must be vigilant in
identifying and mitigating biases within their algorithms to ensure fair and equal treatment for all
individuals, regardless of their background.

Figure 2: Inequality and Discrimination

Digital Divide:

The increasing reliance on digital technologies and data may exacerbate existing disparities in access to
information and technology. This digital divide can impact individuals' access to opportunities, services,

Figure 3: Digital Divide

and information, thereby widening social inequalities. Addressing the digital divide requires proactive
measures, such as providing access to technology in underserved communities and promoting digital literacy
to ensure that everyone can benefit from the opportunities presented by the data-driven era.

Manipulation of Public Opinion:

The targeted delivery of content and advertising based on data analytics can be exploited to manipulate
public opinion. Businesses may unintentionally or intentionally create information bubbles, reinforcing
existing beliefs or influencing public sentiment. This raises ethical concerns about the potential misuse of
data for political or commercial gain. Organizations must prioritize transparency in their communication
practices and ensure that data-driven campaigns adhere to ethical standards, avoiding manipulative tactics.

Figure 4: Manipulation of Public Opinion

Impact on Employment and Skills:

Automation and the integration of data-driven technologies may reshape the job market, potentially leading
to job displacement in certain sectors. There are concerns about the impact on employment opportunities
and the need for reskilling the workforce to adapt to the changing demands of a data-centric economy.
Addressing these concerns requires collaboration between businesses, educational institutions, and
policymakers to develop strategies for upskilling and reskilling the workforce, ensuring that individuals are
equipped with the skills needed in the evolving job landscape.
Consumer trust

is a pivotal social implication stemming from the integration of data and information in business processes.
In an era where personal data is a valuable commodity, organizations must prioritize transparency, security,
and ethical practices to foster and maintain consumer trust. This begins with ensuring data transparency,
where businesses communicate clearly about their data collection, usage, and protection measures. Robust
security measures, including encryption and regular audits, are essential to safeguarding consumer data
against breaches that could compromise trust. The ethical use of data, respecting user preferences, and
obtaining informed consent contribute to positive perceptions and reinforce a sense of trustworthiness.

Figure 5: Consumer trust

Accuracy and fairness in data-driven processes are crucial to prevent unintended biases and maintain
equitable treatment. Responsive data practices, such as allowing consumers to access and manage their data,
contribute to a sense of control and further build trust.

2. Legal Implications
Data Protection Laws:

GDPR and Global Compliance: Organizations operating in the European Union must adhere to the
General Data Protection Regulation (GDPR), which outlines strict guidelines on how personal data should
be collected, processed, and stored. Even for businesses outside the EU, GDPR compliance is crucial when
handling data of EU citizens. Similar data protection laws in other jurisdictions, such as the California
Consumer Privacy Act (CCPA) in the United States, mandate organizations to respect individuals' privacy
rights and ensure the lawful processing of personal data.
 Figure 6: Data protection laws

Security and Breach Notification:

Data Security Standards: Legal obligations require organizations to implement robust security measures
to safeguard the data they collect. Adherence to industry-accepted security standards and encryption
protocols is vital. In case of a data breach, timely notification to affected individuals and relevant regulatory
authorities is not just good practice but is often legally mandated. Failure to comply with these breach
notification requirements may result in severe penalties and damage to an organization's reputation.

Intellectual Property Rights:

Respecting Proprietary Information: Businesses must respect intellectual property rights when using
data, particularly when collaborating with third parties or utilizing external data sources. Unauthorized use
or distribution of proprietary information, trade secrets, or copyrighted material can lead to legal disputes.
Clear contractual agreements defining the ownership and permissible use of data are essential to mitigate
intellectual property risks.

Figure 7:Intellectual Property Rights:

Contractual Agreements:

Data-Sharing Contracts: Many organizations enter into contracts with third-party vendors, partners, or
clients for various data-related services. Violating the terms of these contractual agreements, such as data-
sharing agreements or confidentiality clauses, can lead to legal disputes and financial penalties. Ensuring
that contracts explicitly outline data usage, protection measures, and dispute resolution mechanisms is
crucial for legal compliance.

Cross-Border Data Transfer:

Navigating International Regulations: The global nature of data flows often requires organizations to
navigate cross-border data transfer regulations. Legal frameworks, such as the EU-US Privacy Shield (now
invalidated) or Standard Contractual Clauses, play a significant role in facilitating lawful and secure data
transfers across jurisdictions. Staying informed about the evolving landscape of international data transfer
regulations is imperative for organizations with a global footprint.

Consumer Rights and Consent:

Individual Empowerment: Various data protection laws emphasize empowering individuals with control
over their data. Businesses are required to obtain explicit consent for data collection and processing.
Providing individuals with clear information about how their data will be used and obtaining their consent
ensures compliance with legal requirements and respects individual privacy rights.

Figure 8:Consumer Rights and Consent:

 3. Ethical Implications
Transparency and Accountability:

Open Communication and Education: Ethical data practices demand a commitment to transparency in all
stages of data processing. Organizations should not only clearly communicate their data collection and usage
policies to individuals but also educate them on the implications of sharing their information. Transparency
fosters trust and enables individuals to make informed decisions about the extent to which they are willing
to share their data.

Figure 9:Transparency

Fairness and Bias Mitigation:

Continuous Monitoring and Mitigation: Addressing biases in data-driven processes is an ongoing ethical
commitment. Organizations should implement continuous monitoring mechanisms to identify potential
biases and actively work towards their mitigation. Employing diverse teams and perspectives in the
development and review of algorithms helps ensure fairness and prevents unintentional discrimination.

Informed Consent:

Empowering Through Information: Ethical organizations go beyond the legal requirement of obtaining
consent; they ensure that individuals are empowered through comprehensive information. This includes
explaining not only the immediate purpose of data collection but also the potential downstream uses. Clear
and concise communication ensures that individuals make informed decisions about sharing their data.
Responsible Data Use:

Data Governance Policies: Ethical data use involves setting and adhering to clear data governance policies.
Organizations should define the scope and limitations of data use, ensuring that collected information is
employed only for legitimate purposes. Regular audits and assessments can help verify adherence to these
policies, fostering a culture of responsible data management.

Corporate Social Responsibility (CSR):

Community Impact Assessment: Ethical organizations integrate CSR principles into their data practices by
conducting impact assessments. This involves evaluating how data-driven decisions may affect the broader
community and society. Aligning data practices with CSR values ensures that organizations contribute
positively to societal well-being and operate ethically in the digital landscape.

Figure 10:CSR

Data Ownership and Control:

Empowering Individuals: Beyond legal compliance, ethical organizations prioritize empowering individuals
with control over their data. Implementing robust systems for individuals to access, correct, or delete their
data underscores a commitment to respecting privacy rights. Ethical data practices recognize data as an
extension of personal autonomy, emphasizing the importance of user control.

Expanding on these ethical considerations involves embedding them into the organizational culture and
decision-making processes. This includes training employees on ethical data practices, establishing ethical
guidelines for data scientists and analysts, and fostering a culture where ethical considerations are woven
into the fabric of data-driven initiatives. By prioritizing these ethical principles, organizations can not only
enhance their reputation but also contribute positively to the broader ethical landscape of data utilization.

P4 Describe common threats to data and how they can be mitigated on a personal level.

1. Malware and Ransomware:

Malware and ransomware attacks are ever-present dangers that can compromise personal and organizational
data security. At the personal level, individuals can install reputable antivirus software, keep their operating
systems and applications up to date, and exercise caution when interacting with online content. Regularly
backing up data ensures a safety net in case of a ransomware attack. Organizations should deploy advanced
threat detection systems, conduct regular security assessments, enforce email and web filtering, and
establish well-defined incident response protocols to counter these threats effectively.

Figure 11: Malware and Ransomware

2. Data Breaches:
Data breaches, involving unauthorized access to confidential information, remain a pervasive threat. On a
personal level, individuals can limit the sharing of personal information online, use encryption for sensitive
data, and closely monitor financial accounts for any unusual activity. At the organizational level, encrypting
data, implementing data loss prevention solutions, segmenting networks, and having a comprehensive
incident response plan in place are vital measures to prevent and mitigate the impact of data breaches.
 Figure 12:Data Breaches

3. Social Engineering Attacks:

Social engineering attacks involve manipulating individuals to divulge confidential information, often
exploiting psychological traits. These attacks can take various forms, such as phishing, pretexting, or
baiting. At the personal level, individuals can protect themselves by being cautious about unsolicited
communications, verifying the legitimacy of requests for sensitive information, and staying informed about
common social engineering tactics. Organizations can conduct regular security awareness training for
employees, implement email filtering solutions, and establish clear communication channels for verifying
requests, thereby reducing susceptibility to social engineering attacks.

Figure 13:Social Engineering Attacks

 4. Insider Threats:
Insider threats arise from individuals within an organization, such as employees, contractors, or business
partners, who misuse their access to compromise security. Personal mitigation involves maintaining a
culture of trust while also exercising caution with sensitive information. Employees should follow the
principle of least privilege, ensuring access to information aligns with their job responsibilities.
Organizations can implement monitoring systems to detect unusual behavior, conduct periodic access
reviews, and establish clear policies on data handling and employee conduct. By combining technical
measures with a culture of awareness, organizations can significantly mitigate the risks posed by insider
threats.

Figure 14:Insider Threats:

5. Physical Threats and Natural Disasters:

Physical threats and natural disasters, ranging from fires to earthquakes, can lead to the damage or
destruction of hardware and data centers. On a personal level, individuals can store backups of critical data
in secure, off-site locations and consider utilizing cloud-based storage solutions with built-in redundancy.
At the organizational level, implementing disaster recovery and business continuity plans, maintaining
redundant data centers

SOURCE_ASM1_1ST_BPS:
https://drive.google.com/drive/folders/1u2smNcU3hP19zCYnFKQUrNE3r7-4qmAM?usp=drive_link
III. Conclusion
In conclusion, the journey of ABC Manufacturing stands as a testament to the profound impact that data
and information can have on business processes, particularly within the intricate realm of supply chain
management. Through strategic leveraging of data, ABC Manufacturing has not only navigated challenges
but has emerged as a trailblazer in operational efficiency, cost-effectiveness, and customer satisfaction.

The accurate forecasting of demand, as exemplified by ABC Manufacturing, showcases the transformative
potential of data-driven decision-making. This success story underscores the importance of embracing a
data-centric approach for informed decision-making, strategic planning, and overall business improvement.

The journey of ABC Manufacturing serves as an inspiration for others embarking on the path of digital
transformation. It is a testament to the limitless possibilities that unfold when data is not just collected but
utilized strategically to drive excellence in business operations. As we move forward, let us heed the lessons
learned from ABC Manufacturing and continue to explore, innovate, and thrive in an era where data is
undeniably the cornerstone of informed and successful business practices.
IV. References

Cote, C. (2021). 5 Principles of Data Ethics for Business. [online] Harvard Business School
Online. Available at: https://online.hbs.edu/blog/post/data-ethics.

Cleverish. (2016). Legal Implication. [online] Available at:

https://www.cleverism.com/lexicon/legal-implication-definition/.