Analysis Of AHG Limited’s Security And Policy Statements

Coverage of LRA Process

AHG (Automotive Holdings Group Limited) is the chosen organization for this assignment that has been listed in Australian stock exchange companies list. It has been categorized in retailing companies and is a diversified automotive logistics and retailing group with operations within each mainland states of the Australia and New Zealand. It is one of the largest firm operating in Western Australia, New South Wales, Queensland and Victoria, and is responsible for driving the largest automotive retail services. The logistic business of the AHG group operates business throughout the entire Australian land through the subsidiaries Genuine Truck Bodies (body building services to the truck industry), Harris Refrigerated Transport, AMCAP (industrial supplies distribution and motor parts), Rand Transport, Scott’s Refrigerated Freightways and JAT Refrigerated Road Services (transport and cold storage), VSE (vehicle storage and engineering), Higher Bus (truck and bus distribution and importation), HQVA (Husqvarna motorcycle  and KTM distribution and importation in New Zealand and Australia), and KTM Sport motorcycles. AHG engages with the influential and growing tourists market of China. This organization is selected for this assignment as it has adopted the information technology and system for empowering and enhancing the operational activities, production, and output. Online platform of the AHG allows the customers to look at the products and avail services being offered to them. The reason associated with selecting this particular organization is that it is actively engaged in the information age by making use of online platforms and several technological based payment options.

This chapter of the paper discusses the analysis of the AHG limited with respect to the security and policy statements, which has been described on the website. The governance of the privacy and security aspects related to the data and information has been addressed in website considering the nine core principles of the “Australian Data Governance Draft Code of Practice. Following are the principles on which the privacy and security governance has been incorporated within the system of the AHG limited:

No Harm Rule: This principle emphasizes that for the assurance of the collection, utilization, and information disclosure related to the personal information of the individuals will require reporting entity in manner to make the application of the best endeavours in the same context. Moreover, adding more in this content, entity should be acting with integrity in a manner that the application of the collected data and information is not supposed to be unethical. There should not be any expose of the data and the circumstances under which the data those have been collected among the third party in any condition. The AHG limited has implemented the policies that bound the organization for prioritizing the privacy and security of the personal information related to the individuals. Each visitor expressively collects some of the non-personally identifiable information that is not limited to the type of the browser, version, referring websites, operating systems, pages viewed and page access times. The collected information is helpful in serving the purpose of the personalized contents delivery, visitor traffics, and gauging trends.

Geo Map Graph

Transparency and Honesty: the second principle focuses on the organization’s honesty during the disclosure, collection, and utilizing the collected data and information related to the individuals. All the alterations and disclose of the data and information should be made considering the policy and privacy statement developed for the proper and effective functioning of the organization. There should be availability of the concise and easy accessible mechanism allowing the individuals to access or enquiry about the personal and sensitive data and information. Stress should be provided on enhancing the awareness, encouragement, and promotion about the adoption codes while disclosing or sharing the information to the third party. Updated practices will be adhered considering the collection of the data and information by the AGH Limited, because of the manipulation in the policy. There are the possibilities that information exchanged in the unanticipated scenarios have not been disclosed in the privacy note. The customer service option asks for the collection of personal information and data in manner to avail the services that could include the credentials, password recovery questions, and many more.

Fairness: The factor associated with the communities expectations related to the utilization of the personal information and risks associated with the application of these data and information must be taken in account while disclosing and collecting the personal data and information. The access of the personal data and information related to the individuals have been restricted for the AHG limited under the act of the privacy. It was identified that the organization has not been fully fair as there has not been any notes related to the privacy and thus, it can be used for unanticipated act.

Choice: there should be assurance of the properly developed mechanism, which will be helpful in proving the choices for the collection and utilization of the personal information. Despite of the fact, the current alignment of the organization in the context of the personal data and information, does not consider the facts implemented in the principles of code of practice. Shehata (2015) stated that “Unless required by law, organization should not re identify the external data that contains sensitive information without taking the consent of individual.”   

Access and Accuracy: this principle states that the data and information being exchanged and shared should be accurate and not misleading and in other words, data being exchanged should not be manipulated. The implementation of the code can be made effectively through the development and the adoption of the industry standards. The personal information utilization by the AHG limited intending on the collection of the personal information and personalization delivery related to the users accessing the sites (Thompson et al. 2015). Moreover, there should be the availability of the mechanism that should be ensuring the options those could be made while collecting and utilizing the information and data related to the personal and sensitive data.       

Safety, Security, and de Identification: the AHG Limited should be organizing and designing the security standard considering the security aspects in the contrast of the industry standard that has been recognized and those will be helpful in addressing the harms and impacts because of the security breach or intrusion. The stored and collected data sets of the multiple data sets must be treated as the sensitive and personal information until the organization identifies the de identification techniques and the security measures those have been of appropriate standards. Moreover, the organization must assure that the process of de identification is a robust system through testing and updating regular techniques those are helpful in contributing this process of the de identification (Marshall 2016). It can be recommended that the organization should review the existing security standards for assuring that the implementation is secured and protected from intrusion.

Table View of House Prices

Accountability: This principle is helpful in guiding the organization to create and maintain the different categories of the collected personal information and the guide should be emphasizing and highlighting the aspects related to the information exchange or disclosure with the third party. The AHG has been taking the reasonable steps in manner to assure that thy have been bound with the obligations related to the security and confidentiality related to the collected and data information of the individuals. Cuomo et al. (2016) highlighted that “The principles set out in code should be complied by the organization to ensure that it is properly dealing with the third parties.” There should be the availability of the public statement that assures the compliance of the company’s policy with the code, demonstrating a commitment of protecting the data and information being collected.

 Stewardship: During reviewing the privacy and security policy implemented by the AHG, it was identified that there has not any aspect related to the stewardship principle. This fact resulted in making the statement that there is the need of implementing this principle within the existing system of the organization. This will be helpful in assuring that the policies being implemented by the organization will comply with the codes and the customers will be satisfied regarding the privacy and security of the data and information being shared in the website. Recommendation can be made regarding the development and implementation of the process that is helpful in supporting and assuring the compliance of the policies with the codes (Datagovernanceaus.com.au 2018).

Enforcement: This is a principle that should be reviewed and implemented within the existing system of the organization through comparing with the codes in regular interval of time. The guidelines and statements provided in the code should be implemented within the policy of the organization in an effective and efficient manner. The implementation of the codes should comply with the organizational policy and the organization must be agreed on the proposed guidelines.  

EDA (Exploratory Data Analysis) has been driven on the diabetes data though utilizing the rapid miner studio in manner to assure the understanding on how to comply the data in this software and how to develop and execute the process. It was started through saving the imported data in the rapid manner and thereafter in the local storage. After saving the data, next step taken was to drag the dataset in the process layout section and connecting the imported data with the output port. After pressing the run button, following summary statistic was derived:

Figure 1: Summary Statistics Table

There was one dependent variable and eight independent variables in the diabetes dataset those have been identified that for predicting the dependent variables, all variables are not so important (perveen et al. 2016). The prediction of the dependent variable can be made through analysing five or six variables.

Top five variables have been identified through performing the three steps data analysis process in manner to identify the top five variables those can be utilized for predicting the diabetes of the patient. There were many variables included in the dataset and among them top five datasets were selected and scatter diagrams were prepared considering the same variables. All these the scatter plot diagrams are mentioned in the appendix section.

Exploratory Data Analysis with Rapid Miner

All these scatter diagrams are not sufficient for the prediction and so correlation study has been performed as shown below. This study, has been indicating the eight independent variables those have been positively alligned with the outcome variable. It was also identified that the blooad pressure and skin thickness has been demonstrating the negligible positive relation with the outcome variable. Thus, eliminating these two variables will not affect the overall result and further analysis can be driven using sixvariables only.

Figure: Correlation Table

Six independent variables were identified through executing correlation analysis and so for the enhancement in the efficiency, chi square test has been performed as the final and last step of the exploratory analysis. Following diagrams express the chi square test statistics that is confirming the exclusion of the two identified variables in the previous phase including the elimination of the pregnancies variable. Thus, five variables have been identified for further analysis:

The above elimination and identification led to enhancing the prediction of identifying the chances of the diabetes and following decision tree has been developed considering these aspects: some of the modifications have been implemented within the decision tree. Several operators have been utilized including the Set role, Numerical to nominal, and many more.  

The glucose level can be considered as the starting point for concluding that there is chances of the diabetes or not, it was the condition identified through the decision tree. Identified value of the glucose level has been 166.5 indicating that the patient is having diabetes and the values below than this will led to analyse further variables. Moreover, the value of the glucose less than 154.5 indicates there is not any chance of the diabetes.

Figure: Decision tree Process

Figure: Decision Tree

Logistic regression was also performed that has been demonstrated below. Weka extension was used in the rapid miner in manner to perform this analysis.  Similarly to the decision tree, a list of the operators have been incorporated within this process demonstrating the odd ratios and coefficients. any value that has been more than one will indicate the direct association and the indirect relationship will be indicated if the value lies below one. Thus, it was identified that the insulin is the only variable that has been directly associated with the diabetes chances and thus the value of the insulin is directly proportional to the chances of the diabetes.

Figure: Weka Logistic Regression Process

Figure: Weka Logistic Regression

The above analysis was helpful in identifying the predictions those can be applicable for the prediction of the diabetes using five identified variables. This section emphasizes on the comparison between the both models through revising the logistic regression models and the decision tree including the incorporation of some of the additional operators for example  Cross Validation Operator; Apply Model Operator and Performance (Binominal Classification) Operator in the final data mining process models (Roiger 2017).  Many performance metrics have been considered for the further output for example False Positive Rate, Miscalculation Rate, True Positive Rate, and Accuracy Area under Roc Chart (AUC), Precision, Recall, Lift, Sensitivity, and F Measure.

Linear Regression Model with Rapid Miner

Following processes have been driven for the analysis:

The diagram demonstrated in the below figures represents the Area under Roc Chart (AUC) and the confusion matrices for both the models. Moreover, a comparison table has been the proposed models u the terms of the performance metrics:

Figure: Confusion Matrix decision tree

Figure: Confusion Matrix Weka Logistic

Figure: Decision tree AUC

Figure: Weka Logistics AUC

Performance Matrices	Decision Tree	Logistic Regression	Remarks
Accuracy	72.39% +/- 4.53% (mikro: 72.40%)	77.47% +/- 5.34% (mikro: 77.47%)	Logistic Regression
Classification error	27.61% +/- 4.53% (mikro: 27.60%)	22.53% +/- 5.34% (mikro: 22.53%)	Decision tree
Precision	76.64% +/- 15.32% (mikro: 77.45%) (positive class: true)	73.03% +/- 9.68% (mikro: 72.51%) (positive class: true)	Decision Tree
Recall	29.37% +/- 13.52% (mikro: 29.48%) (positive class: true)	57.02% +/- 12.46% (mikro: 57.09%) (positive class: true)	Logistic Regression
Lift	219.45% +/- 43.06% (mikro: 221.95%) (positive class: true)	209.32% +/- 27.86% (mikro: 207.80%) (positive class: true)	Decision Tree
F measure	41.07% +/- 14.97% (mikro: 42.70%) (positive class: true)	63.35% +/- 9.88% (mikro: 63.88%) (positive class: true)	Logistic Regression
False positive	2.300 +/- 1.418 (mikro: 23.000) (positive class: true)	5.800 +/- 2.713 (mikro: 58.000) (positive class: true)	Logistic Regression
True positive	7.900 +/- 3.673 (mikro: 79.000) (positive class: true)	15.300 +/- 3.437 (mikro: 153.000) (positive class: true)	Logistic Regression
Sensitivity	29.37% +/- 13.52% (mikro: 29.48%) (positive class: true)	57.02% +/- 12.46% (mikro: 57.09%) (positive class: true)	Logistic Regression

The table expressed above demonstrates a comparison analysis considering the selected performance metrics that stated that logical regression has been demonstrating better prediction than that of the decision tree analysis (Kotu and Deshpande, 2014).

The graph presented below demonstrates the impact of the wildlife strikes with aircraft over time for Alabama indicting that there is not any impact in most of the cases. Despite of that the graph has been also demonstrating that there were certain numbers of the precautionary landing over the time due to the wildlife strikes.

Figure: Tableau view

The tableau view represented in the following image demonstrates the flight phase by time of the day indicating the aircrafts and wildlife strikes. The picture demonstrates that during the approach phase, “during day time such wildlife strikes were taken place followed by night time.” After this phase, the rate increases during the interval of the “landing role and take off run phase during day time, such strikes were taken place.”

Figure: Tableau view

The Tableau view has been demonstrated in the following diagram comparing the wildlife species and the aircraft strike frequency in relation with the damages those might occur. The figure demonstrates that the medium size birds are the reasons resulting in the strike for most of the cases causing a damage of $ 6,954,217.  

Figure: Tableau view

The tableau GeoMap View representing in the following figure demonstrates the flights by the origin states, displaying the wild life strike numbers and the total cost spent on the monetary for every origin state in different intervals of the time. Thus, the data represents that the California has been an evidence facing most of the strikes within the time frame. United Nations states have been considered for demonstrating the following analysis and the data related to the outside of the United Nations have been neglected.

Figure: Map View

Dashboard designing requires the proper and effective idea of the data visualization and the variables those are necessary for demonstrating the exact values. The variables have been considered one of the crucial factor in terms of the graph presentation during application on the dash boarding (Kale and Balan, 2016). It was identified that the selection of the graphical view can result in the neutral value for the dash board considering the particular aspects of the analysis (Fezarudin et al. 2017). In manner to incorporate the answers of the aspects asked in different scenarios, each of the graph view with care has been demonstrated during designing the AWS dash board.  The aspects can be demonstrated in an effective manner comprehending the message that is being provided by the dash boarding.

Figure: Aviation wildlife Dashboard

References

Abdallah, A.A.N. and Ismail, A.K., 2017. Corporate governance practices, ownership structure, and corporate performance in the GCC countries. Journal of International Financial Markets, Institutions and Money, 46, pp.98-115.

Burdon, M., Siganto, J. and Coles-Kemp, L., 2016. The regulatory challenges of Australian information security practice. Computer Law & Security Review, 32(4), pp.623-633.

Cuomo, F., Mallin, C. and Zattoni, A., 2016. Corporate governance codes: A review and research agenda. Corporate governance: an international review, 24(3), pp.222-241.

Datagovernanceaus.com.au. (2018). [online] Available at: https://datagovernanceaus.com.au/wp-content/uploads/2016/07/DGA_Code_of_Practice_2017_15.11.17.pdf [Accessed 18 May 2018].

Dow, K.L., 2017. Strengthening quality assurance in Australian higher education. In Global perspectives on quality in higher education (pp. 135-154). Routledge.

Fezarudin, F.Z., Tan, M.I.I. and Saeed, F.A.Q., 2017, August. Data Visualization for Human Capital and Halal Training in Halal Industry Using Tableau Desktop. In Asian Simulation Conference (pp. 593-604). Springer, Singapore.

Howell, N.J., 2015. Revisiting the Australian code of banking practice: is self-regulation still relevant for improving consumer protection standards. UNSWLJ, 38, p.544.

Iyer, A., Jeyalatha, S. and Sumbaly, R., 2015. Diagnosis of diabetes using classification mining techniques. arXiv preprint arXiv:1502.03774.

Kalaiselvi, C. and Nasira, G.M., 2015. Prediction of heart diseases and cancer in diabetic patients using data mining techniques. Indian Journal of Science and Technology, 8(14).

Kale, P. and Balan, S., 2016, December. Big data application in job trend analysis. In Big Data (Big Data), 2016 IEEE International Conference on (pp. 4001-4003). IEEE.

Kotu, V. and Deshpande, B., 2014. Predictive analytics and data mining: concepts and practice with rapidminer. Morgan Kaufmann.

Marshall, S., 2016. Corporate Responsibility and Stakeholder Governance: Relevance to the Australian Garment Sector. In Fair Trade, Corporate Accountability and Beyond (pp. 169-188). Routledge.

Perveen, S., Shahbaz, M., Guergachi, A. and Keshavjee, K., 2016. Performance analysis of data mining classification techniques to predict diabetes. Procedia Computer Science, 82, pp.115-121.

Roiger, R.J., 2017. Data mining: a tutorial-based primer. CRC Press.

Shehata, N.F., 2015. Development of corporate governance codes in the GCC: an overview. Corporate Governance, 15(3), pp.315-338.

Sivathaasan, N., 2016. Corporate governance and leverage in Australia: A pitch. Journal of Accounting and Management Information Systems, 15(4), pp.819-825.

Thompson, N., Ravindran, R. and Nicosia, S., 2015. Government data does not mean data governance: Lessons learned from a public sector application audit. Government information quarterly, 32(3), pp.316-322.

Tricker, R.B. and Tricker, R.I., 2015. Corporate governance: Principles, policies, and practices. Oxford University Press, USA.