A risk assessment of information security in a diet centre business: a case study
Conference paper
Annahdi, T., Alkubaisy, D. and Piras, L. 2025. A risk assessment of information security in a diet centre business: a case study. Mannion, M., Mannisto, T. and Maciaszek, L. (ed.) 20th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE). Porto (Portugal) 04 - 06 Apr 2025 SCITEPRESS - Science and Technology Publications. pp. 858-867 https://doi.org/10.5220/0013488300003928
Type | Conference paper |
---|---|
Title | A risk assessment of information security in a diet centre business: a case study |
Authors | Annahdi, T., Alkubaisy, D. and Piras, L. |
Abstract | This paper employed the framework of Operationally Critical Threat, Asset, and Vulnerability Evaluation Allegro (OCTAVE-Allegro) to analyse the key risks and challenges faced by the business of Diet Centre X, particularly in terms of security, operational efficiency, and customer trust. The primary concerns identified include data input errors, outdated billing systems, weak password management practices, and a lack of comprehensive security awareness training. These issues pose significant risks to the centre’s productivity, financial health, and reputation. Contributions of this paper include the proposal of several lessons learned and solutions: creating a customer registration system that is connected to the client data validation in the management system, along with implementing a validation for all input fields to reduce human errors and upgrading the billing system to remove outdated payment methods and enhance the user interface, and conducting quarterly security awareness training for all employees to increase their preparedness against potential security threats. |
Keywords | Risk assessment; OCTAVE-Allegro framework; small and medium-sized businesses; Information security; human error; vulnerability assessment; risk mitigation |
Sustainable Development Goals | 9 Industry, innovation and infrastructure |
Middlesex University Theme | Creativity, Culture & Enterprise |
Research Group | Software Engineering, Theory & Algorithms (SETA) Research Group |
Conference | 20th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE) |
Page range | 858-867 |
Proceedings Title | Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE - Volume 1 |
Editors | Mannion, M., Mannisto, T. and Maciaszek, L. |
ISSN | 2184-4895 |
ISBN (Hardcover) | 9789897587429 |
Publisher | SCITEPRESS - Science and Technology Publications |
Publication dates | 04 Apr 2025 |
Publication process dates | |
Accepted | 13 Feb 2025 |
Deposited | 28 Feb 2025 |
Output status | Published |
Accepted author manuscript | File Access Level Open |
Copyright Statement | This is an author produced accepted manuscript version of a conference paper included in this repository with permission. The final paper is published by SCITEPRESS as: Annahdi, T., Alkubaisy, D. and Piras, L. (2025). A Risk Assessment of Information Security in a Diet Centre Business: A Case Study. In Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE; ISBN 978-989-758-742-9; ISSN 2184-4895, SciTePress, pages 858-867. DOI: 10.5220/0013488300003928 |
Digital Object Identifier (DOI) | https://doi.org/10.5220/0013488300003928 |
Web address (URL) of conference proceedings | https://doi.org/10.5220/0000189300003928 |
Language | English |
https://repository.mdx.ac.uk/item/211q4x
Download files
Accepted author manuscript
ENASE-25_Risk_Assess_Inf_Security_Diet_Centre_Business_SUBMITTED.pdf | File access level: Open |