A Risk Assessment of Information Security in a Diet Centre Business: A Case Study
Piras, Luca
2025-01-01
Abstract
This paper employed the framework of Operationally Critical Threat, Asset, and Vulnerability Evaluation Allegro (OCTAVE-Allegro) to analyse the key risks and challenges faced by the business of Diet Centre X, particularly in terms of security, operational efficiency, and customer trust. The primary concerns identified include data input errors, outdated billing systems, weak password management practices, and a lack of comprehensive security awareness training. These issues pose significant risks to the centre’s productivity, financial health, and reputation. Contributions of this paper include the proposal of several lessons learned and solutions: creating a customer registration system that is connected to the client data validation in the management system, along with implementing validation for all input fields to reduce human errors; upgrading the billing system to remove outdated payment methods and enhance the user interface; and conducting quarterly security awareness training for all employees to increase their preparedness against potential security threats.
