Client Background-The Society for Storytelling (SFS) is a UK-based organization that promotes and supports the art of storytelling. They offer three types of membership: individual, organizational, and international. The membership is broken down as follows -standard is £20 or £15 concession, storyteller is £34 full rate or £29 concession, Clubs do not pay, there are just 2 "organization" members which pay £75 (www.sfs.org.uk,2017). Its main competitors are National Literacy Trust and other similar charity trusts. The National Literacy Trust is a UK-based charity dedicated to improving literacy skills and promoting reading among young people and adults (National Literacy Trust, 2019)
Project Introduction-The SFS is planning to increase its revenues by increasing the prices for its membership. The client wants to know the impact of taking this decision. The project looks over whether it is viable for SFS to increase its membership prices and what are the mitigation steps it can take.
Project Scope - The main objective of the project is to analyse SFS's current membership fees, benefits, and market position to determine whether increasing membership prices is feasible and advisable.
Exclusions-Following are the possible exclusions for the project-
Data Model & Data Analysis Hypothesis- The data model and data, hypothesis for this project could be as follows:
External Data Security Legislation: One of the most relevant external data security legislations for SFS organization is the General Data Protection Regulation (GDPR). This regulation provides guidelines for the collection, processing, and storage of personal data of individuals within the European Union (EU).(The General Data Protection Regulation (GDPR) AN EPSU BRIEFING, n.d.) Other relevant external data security legislation is the Data Protection Act (DPA) 2018,(Government of UK, 2018b) which sets out rules for the processing and handling of personal data in the UK. The DPA 2018 incorporates the GDPR into UK law and sets additional standards for data processing by law enforcement agencies, intelligence services, and other public authorities.
Internal Data Security Legislation: SFS may have its own internal data security standards, policies, and procedures that govern the management of data. These internal policies should be aligned with external regulations such as the GDPR and DPA 2018. Some of the relevant internal data security policies and procedures could include:
1. Information Security Policy: This policy outlines the measures to be taken to protect sensitive information, including personal data, from unauthorized access, use, disclosure, disruption, modification, or destruction(Höne and Eloff, 2002))
2. Data Classification Policy: This policy defines the types of data held by the organization and the security requirements for each type of data.(Knowles, 2021)
3. Access Control Policy: This policy outlines the procedures for granting access to data and systems, including the use of user IDs, passwords, and multi-factor authentication.(User Access Control Policy Contents, n.d.)
Principles of Data Classification: Data classification involves categorizing data based on its sensitivity and the level of protection required. The three main categories of data are:
1. Open and Public Data: Examples include press releases, public reports, and marketing materials.
2. Administrative Data: This type of data is used for internal business operations and may include sensitive information such as financial data, employee records, and confidential business information.
3. Research Data: This type of data is used for research purposes and may include sensitive information such as personal data, health data, and confidential research findings.
Ethical Aspects and Considerations: There may be some personal data involved while collecting and analyzing membership data and demographic data. Care should be taken while handling such data for analyses. Any sort of personal information can either be deleted completely or masked to protect privacy.
Data Model:
Project Introduction-The SFS is planning to increase its revenues by increasing the prices for its membership. The client wants to know the impact of taking this decision. The project looks over whether it is viable for SFS to increase its membership prices and what are the mitigation steps it can take.
Project Scope - The main objective of the project is to analyse SFS's current membership fees, benefits, and market position to determine whether increasing membership prices is feasible and advisable.
Exclusions-Following are the possible exclusions for the project-
- A detailed financial analysis of SFS's overall financial health may not fall under the project's scope.
- It may not involve conducting legal or regulatory compliance assessments for SFS.
- It may not involve implementing any changes or monitoring their impact on SFS's business or membership.
Data Model & Data Analysis Hypothesis- The data model and data, hypothesis for this project could be as follows:
External Data Security Legislation: One of the most relevant external data security legislations for SFS organization is the General Data Protection Regulation (GDPR). This regulation provides guidelines for the collection, processing, and storage of personal data of individuals within the European Union (EU).(The General Data Protection Regulation (GDPR) AN EPSU BRIEFING, n.d.) Other relevant external data security legislation is the Data Protection Act (DPA) 2018,(Government of UK, 2018b) which sets out rules for the processing and handling of personal data in the UK. The DPA 2018 incorporates the GDPR into UK law and sets additional standards for data processing by law enforcement agencies, intelligence services, and other public authorities.
Internal Data Security Legislation: SFS may have its own internal data security standards, policies, and procedures that govern the management of data. These internal policies should be aligned with external regulations such as the GDPR and DPA 2018. Some of the relevant internal data security policies and procedures could include:
1. Information Security Policy: This policy outlines the measures to be taken to protect sensitive information, including personal data, from unauthorized access, use, disclosure, disruption, modification, or destruction(Höne and Eloff, 2002))
2. Data Classification Policy: This policy defines the types of data held by the organization and the security requirements for each type of data.(Knowles, 2021)
3. Access Control Policy: This policy outlines the procedures for granting access to data and systems, including the use of user IDs, passwords, and multi-factor authentication.(User Access Control Policy Contents, n.d.)
Principles of Data Classification: Data classification involves categorizing data based on its sensitivity and the level of protection required. The three main categories of data are:
1. Open and Public Data: Examples include press releases, public reports, and marketing materials.
2. Administrative Data: This type of data is used for internal business operations and may include sensitive information such as financial data, employee records, and confidential business information.
3. Research Data: This type of data is used for research purposes and may include sensitive information such as personal data, health data, and confidential research findings.
Ethical Aspects and Considerations: There may be some personal data involved while collecting and analyzing membership data and demographic data. Care should be taken while handling such data for analyses. Any sort of personal information can either be deleted completely or masked to protect privacy.
Data Model:
- Membership Data: This would include data on the current number of members and the breakdown of membership types, i.e., individual, organizational, and international, as well as their respective prices.
- Revenue Data: This would include data on SFS's current revenue from membership fees and any other sources of revenue.
- Market Data: This would include data on SFS's market position, its competition, and trends in the industry.
- Member Engagement Data: This could include data on member retention rates, membership renewal rates, and member satisfaction scores.
- Member Demographic Data: This could include data on the age, gender, location, and occupation of SFS members.
- Hypothesis 1: Increasing membership prices could lead to a decrease in the number of members, but an increase in revenue.
- Hypothesis 2: SFS's market position and competition may play a role in determining the feasibility of increasing membership prices.
- Hypothesis 3: The benefits of membership may also be a factor in determining whether members are willing to pay higher fees.
- SFS's current membership costs and perks fairly represent the value it offers to members.
- The target market for SFS is prepared to pay higher prices in exchange for more benefits.
- Raising membership dues won't have a detrimental effect on SFS's social goals or standing.
- The project team has access to precise and current information about SFS's membership and financial performance.
- The membership costs and advantages offered by SFS's rivals are comparable to those of SFS.
- The project's budget and timeframe are constrained, and it's likely that in-depth market research or data analysis won't be possible.
- Due to concerns about data privacy or confidentiality, the project team may only have limited access to data or information.
- SFS's board of directors must approve any modifications to membership costs and benefits.
- Timely and reliable data from SFS's membership and financial databases are essential to the project's success.
- To gather information or put any suggested improvements into practice, the project team might need to work with SFS's marketing or finance departments.
- Any adjustments to SFS's membership costs and perks may be influenced by outside variables like shifts in the UK economy or the level of competition.
- To ensure that any suggested modifications are in line with the social aims and strategic priorities of the organization, the project team may need to work with the board of directors of SFS.
RACI Matrix and Communication Plan-
Project Plan-
Risk Register-
References-
- www.sfs.org.uk. (2017). The Society for Storytelling | The Society for Storytelling. [online] Available at: https://www.sfs.org.uk/.
- National Literacy Trust (2019). National Literacy Trust. [online] National Literacy Trust. Available at: https://literacytrust.org.uk/.
- The General Data Protection Regulation (GDPR) AN EPSU BRIEFING. (n.d.). Available at: https://www.epsu.org/sites/default/files/article/files/GDPR_FINAL_EPSU.pdf.
- Government of UK (2018). Data Protection Act 2018. [online] Legislation.gov.uk. Available at: https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted.
- Höne, K. and Eloff, J.H.P. (2002). Information security policy — what do international information security standards say? Computers & Security, 21(5), pp.402–409.
- Knowles, M. (2021). Data Classification Policy: Definition, Examples, & Free Template. [online] Hyperproof. Available at: https://hyperproof.io/resource/data-classification-policy/#:~:text=%2Dto%2Ddate.-.
- User Access Control Policy Contents. (n.d.). Available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/886732/dwp-user-access-control-policy.pdf.