A Risk Assessment of Information Security in a Diet Centre Business: A Case Study

Tasneem Annahdi; Duaa Alkubaisy; Luca Piras

doi:10.5220/0013488300003928

A Risk Assessment of Information Security in a Diet Centre Business: A Case Study

Tasneem Annahdi, Duaa Alkubaisy, Luca Piras

2025

Abstract

This paper employed the framework of Operationally Critical Threat, Asset, and Vulnerability Evaluation Allegro (OCTAVE-Allegro) to analyse the key risks and challenges faced by the business of Diet Centre X, particularly in terms of security, operational efficiency, and customer trust. The primary concerns identified include data input errors, outdated billing systems, weak password management practices, and a lack of comprehensive security awareness training. These issues pose significant risks to the centre’s productivity, financial health, and reputation. Contributions of this paper include the proposal of several lessons learned and solutions: creating a customer registration system that is connected to the client data validation in the management system, along with implementing a validation for all input fields to reduce human errors and upgrading the billing system to remove outdated payment methods and enhance the user interface, and conducting quarterly security awareness training for all employees to increase their preparedness against potential security threats.

Download

Paper Citation

in Harvard Style

Annahdi T., Alkubaisy D. and Piras L. (2025). A Risk Assessment of Information Security in a Diet Centre Business: A Case Study. In Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE; ISBN 978-989-758-742-9, SciTePress, pages 858-867. DOI: 10.5220/0013488300003928

in Bibtex Style

@conference{enase25,
author={Tasneem Annahdi and Duaa Alkubaisy and Luca Piras},
title={A Risk Assessment of Information Security in a Diet Centre Business: A Case Study},
booktitle={Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE},
year={2025},
pages={858-867},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013488300003928},
isbn={978-989-758-742-9},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE
TI - A Risk Assessment of Information Security in a Diet Centre Business: A Case Study
SN - 978-989-758-742-9
AU - Annahdi T.
AU - Alkubaisy D.
AU - Piras L.
PY - 2025
SP - 858
EP - 867
DO - 10.5220/0013488300003928
PB - SciTePress