, PLEASE USE THIS DOCUMENT AS A GUIDE TO ANSWER YOUR ASSIGNMENT
Question 1
1.1. What security measures should implemented for different types of information to ensure
appropriate protection? Provide a practical example.
Confidential Information:
Measure: Encrypt sensitive data, both in storage and during transmission, to prevent
unauthorized access.
Example: The SAPS (South African Police Service) could encrypt criminal records stored
digitally to prevent unauthorized individuals from accessing personal data1 .
Personal Information:
Measure: Implement access control mechanisms where only authorized personnel can view or
modify personal information.
Example: Sensitive data related to individuals, such as crime victims, should only be accessible
to authorized officers. Unauthorized sharing or leakage of such information could violate
privacy rights2 .
Public Information:
Measure: No encryption is needed, but proper classification must be used to define how the
information is handled.
Example: Public crime statistics can be shared freely but should be classified as "public" to
ensure no misuse of such easily accessible data3 .
Operational Information:
Measure: Use two-factor authentication and real-time monitoring to track access to operational
systems and prevent unauthorized changes.
Example: Access to real-time crime data or GIS crime mapping systems should be restricted to
police officers who are authorized to use it for operational planning4 .
Legislative Compliance:
Measure: Ensure all information systems comply with the relevant laws and policies governing
information management.
Example: Compliance with the Protection of Information Act (1982) and the South African
Police Service Act (1995) is mandatory to manage the security of information across law
enforcement systems5 .
1: (CRI3701, Study Guide, p.148)
2: (CRI3701, Study Guide, p.173)
3: (CRI3701, Study Guide, p.169)
4: (CRI3701, Study Guide, p.333)
5: (CRI3701, Study Guide, p.52)
Question 1
1.1. What security measures should implemented for different types of information to ensure
appropriate protection? Provide a practical example.
Confidential Information:
Measure: Encrypt sensitive data, both in storage and during transmission, to prevent
unauthorized access.
Example: The SAPS (South African Police Service) could encrypt criminal records stored
digitally to prevent unauthorized individuals from accessing personal data1 .
Personal Information:
Measure: Implement access control mechanisms where only authorized personnel can view or
modify personal information.
Example: Sensitive data related to individuals, such as crime victims, should only be accessible
to authorized officers. Unauthorized sharing or leakage of such information could violate
privacy rights2 .
Public Information:
Measure: No encryption is needed, but proper classification must be used to define how the
information is handled.
Example: Public crime statistics can be shared freely but should be classified as "public" to
ensure no misuse of such easily accessible data3 .
Operational Information:
Measure: Use two-factor authentication and real-time monitoring to track access to operational
systems and prevent unauthorized changes.
Example: Access to real-time crime data or GIS crime mapping systems should be restricted to
police officers who are authorized to use it for operational planning4 .
Legislative Compliance:
Measure: Ensure all information systems comply with the relevant laws and policies governing
information management.
Example: Compliance with the Protection of Information Act (1982) and the South African
Police Service Act (1995) is mandatory to manage the security of information across law
enforcement systems5 .
1: (CRI3701, Study Guide, p.148)
2: (CRI3701, Study Guide, p.173)
3: (CRI3701, Study Guide, p.169)
4: (CRI3701, Study Guide, p.333)
5: (CRI3701, Study Guide, p.52)
