Acquire Best Student Management System Assignment Help Service From Expertsminds Tutors At Reasonable Price!

Home   Course  
Previous << || >> Next

Assignment - University A in NSW, Australia is focused on implementing a new Student Management System (SMS) to manage the operations of the Higher Education services.


Key Requirements

  • improving compliance (and therefore maximising direct revenue)
  • improving University A's responsiveness to market conditions
  • reducing the administrative and manual handling burden (reducing cost to serve)
  • improving student experience (increasing revenue through conversion and retention)
  • reducing reputational risk from exposure to adverse findings in compliance or quality audits or security breaches

Tasks - Your team (team of four) have been selected as security consultant assisting the workforce.

Answer - Student Management System


For any university, information sharing is primary and it has to happen through a convenient and secured mode. There are 3 major categories of users for this system - students, teachers and administrators. A well-developed student management system is reliable, valid and promotes the productivity of the organization. It solely relies on the interface and functionality. In this paper, the idea is to suggest the regulatory compliance practices for the University A that is in a plan to develop a student management system. The reason for the high importance of regulatory compliance is that all the information shared is confidential and contain private data of students and teachers. When it is extended to administrative purpose, the school management system might also contain financial reports and it is certainly important for the developer to adhere to the state practices for this system so that it remains usable and trustworthy to use on a long run. This paper also details the obligations and other needs of the workforce.

Considerations of student management system

The purpose of a student management system, in general is to use it like a management information system in a professional establishment. However, the former is meant to deal with student data and requests. Apparently, this system takes care of student registration, scheduling, attendance, grading, results and other student data needs. Information security is an important topic of concern in this case as security breaches can happen easily in these systems. In the case of University A, there are several features required.

There are 3 categories of users - lecturers, administrator and students. The lecturers can be either contract or permanent staff. Hence, this time schedule has to be taken into consideration. When it comes to students, ethics is of primary concern. There can be cases when students tend to cheat by manipulating the existing information or sharing the confidential data to other third party people and this can be hectic.


Again, students might need sufficient library resources to aid in their post graduate research works. The access and volume of data should be taken into consideration. University A includes students from domestic and international locations. This implies that there could be cultural differences and the student management system will have to be available in a common language. There are a number of digital assets in this system - research results, lab works and private data. Further, the course materials and lectures are also private assets that need to be secured.

As an educational administrator, University A has to take the responsibility to govern the usage patterns of the users and minimize risk with proper development of contingency plans well in advance. Establishing scope and risk mitigation policies can be a good idea as the system will be put to effective use and can guarantee the desired productivity level.

There are also other requirements listed by the university and they are listed below.

- Complying to the regulations

- Improving responsiveness of the university to market variations

- Minimizing the manual administration burden

- Improving the overall usability of students

- Controlling the reputational risk

These requirements, upon implementation, can reduce the excessive financial overheads incurred and receive government funding for compliance and efficient management of the students. Subsequently, it can also pull more students and proliferate the revenues year on year with the developed features. Eventually, the reputation of university A improves and it stands out in the market.

Q. What laws or regulations the University A needs to comply with?

Answer - Regulations to comply with

The first regulation to comply with is Tertiary Education Quality and Standards Agency (TEQSA). The TEQSA act 2011 governs the education provider's rights in Australia. The details of the service provider should be registered in TEQSA and this is then stored in Commonwealth Department of Education and Training records (Australian Government, 2019). As a result, the performance, risks and reports are collected and analysed.

Alternatively, TEQSA studies the provider's quality of service as per Higher Education Standards Framework (HESF). HESF is a separate panel that aids the tertiary education followed by research activities in Australia and it works on seven major domains - teaching, governance, research, representation, student participation, quality assurance of the institution and learning environment (Curtin University, 2018).

In addition to the aforementioned regulations, the university A should also register in PRISMS (provider registration and international student management system). According to PRISMS, the government agencies of Australia possess the right to analyse the compliance of students as per education services for overseas students act 2000 (ASQA, 2018). This is very important for university A as it includes international students as well and border protection of data is essential.

The standard for registered training organizations (RTO) 2015 is the final regulation to be adhered to. It is mandatory for university A to register each of its courses as per RTO so that the learner gets a clear picture and also understands about the protection of his/her personal data shared in the system. There are clauses relating to the learner's rights, fee structure, service quality aspects, support services, funding entitlements and venue of assessment. At any instance, the student can voice against the unethical practices spotted in the student management system of University A (ASQA, 2018). Alternatively, the university can also guarantee a better quality of service as the government agencies continue to monitor the performance and data sharing procedures.


Q. What are the obligations of University A under those laws / regulations / other related policies and procedures?

Answer - Obligations of university A

University A looks forward to build the system inhouse and allow the functioning of the system only within the premises. Further, SaaS solution is used to manage the volumes of data and quicken the operations. The policies used by Victoria University are applied for this university as well. In other words, University A has an obligation to create a transparent system where the users can search policies and also review whenever needed. The discussion board encourages the users to share their views and improve the policies on a regular basis. The bulletin board is available exclusively for the stakeholders to know more about the structure. The other obligation of the university is to make the system accessible for all categories of students and maintain it as one place for the stakeholders to gather information.

When looking at the policies of Australia, it is also clear that the university has a CRICOS provider number and the RTO code followed for the other stakeholders to use without security issues. The university also wants to use this system to create updated information that shall be useful for the academic career of the students. In other words, the student management system has to contain student data, college information, course and batch details, curriculum, placement, reports, lectures and resources. Through the online interface, there is a need for the lecturers to also share course data to the students and offer feedbacks to the students for the homework. These obligations appear to be inline with the state regulations.

There are a few more obligations -

- Ensure security whenever user accesses the system

- Offer support services as promised in the policy statements

- Encourage student participation in the system

- Link student, teaching environment and research training with utmost quality

- Display accountability to any data thefts or violations and take the responsibility to study further


Q. Why are those obligations important? If breached, what is the consequence?

Answer - Importance of obligations

The continued access to data is the primary obligation as it facilitates better communication and lets all the stakeholders to utilize all the functions of the system as planned. This is important as per HESF.

Secondly, it is important to tell the students and teachers how the personal data will be protected. This transparency is important and University A will have to implement security algorithms in its SaaS server so that unauthorized access is prevented.

Like Victoria University's (2019) policy statement, it is essential to offer a FAQ where users are assisted with commonly asked questions and answers and this will save time. This part is meant to understand how the university gives importance to policies, frequency of review and development committee member details along with contact information.

The obligations are important as the students tend to use this system henceforth for all the operations and same with the lecturers. Further, they need to comply as per the local regulations so that users can use it without doubts.

Impact of breach

While the obligations are crucial for University A, it is equally important to understand the outcome if the obligation is breached.

The first thing that the university should have for people to report in case of a breach is to manage an internal complaint and dispute resolution cell that will ensure governance of the operations. If this is not present, the college will be penalized and the unique code number received as per CRICOS and RTO will be seized.

TEQSA commission takes the responsibility to supervise the degree of compliance to the obligations as instructed to all the service providers. Whenever there are violations of conduct or policies, the administration of TEQSA cancels registration. This is perhaps the reason for building a culture where service providers ensure self-assurance and adherence of compliance.

Universities in Australia encourage the policy development committee to issue risk management procedures. However, breaches of obligations are usually escalated to the senior management and investigation is carried out by the audit and risk management committee to understand the source of breach. Any criminal activity is punished as per law and IRT manages decisions for such breaches.

Compliance issues are usually first investigated by the governing body and the repeated instances of compliance issues can result in serious impacts (USC, 2018). All these make it clear that violations should be avoided and whenever there is a likelihood of risk, the audit and risk committee will have to enter into the scene and mitigate the same.

As per Information Privacy Act 2009, the information management framework of an university will have to maintain a breach register that will be verified at any instance by the authority.


Q. What does University A / this workforce need to do demonstrate the compliance?

Answer - Needs of the workforce

Looking at the obligations and regulatory procedures appropriate to University A, it is evident that the institution has to deploy superior workforce that can keep the reputation at its best.

Since there is a technology intervention in the development of student management system, there is a need for appointment of information security officer who will constantly watch the data sharing procedures and regulations followed. Whenever there is a problem, it has to be escalated to the risk committee.

The university has to deploy a 5-member risk committee to begin with. This committee will study the risk in terms of lack of data, absence of firewall, technological problem, financial crunch and operation misuse and issue a risk mitigation service to the concerned party. This committee has to work round the clock to ensure that the privacy is never breached.

The best part about the student management system deployment is that it will be operated only within the premises (USC, 2018). In other words, the data flow can happen just with the help of LAN and firewalls and the passwords need to be strong enough and authenticated with multiple factors to ensure that unethical access is not encouraged.

IT department has to be installed exclusively for this system. The role of the department is to ensure constant upload of updated information for quick access of students. Further, this department also monitors the interactions and encourages the features based on the role. For instance, lecturers can be given access to student grading and issuing reports online. On the other hand, students can be given access to study materials and forums. Both should not be given access to the administrator's features as the latter uploads financial returns and day to day operations of the university which can be confidential.

To demonstrate the compliance, the university should have (USC, 2018):

- IT department

- Audit and risk committee

- Information security officer

- Student and lecturer forums to discuss the pros and cons of the available system

- Policy committee/legal department that notes down the legal regulations and compliance procedures and stays inline with the reports issued by the audit and risk committee


Q. Any other areas that need to be considered in the initiative?

Answer - Other areas to consider

In this initiative, there is one area to be considered and it is ethics.

Having discussed much about the regulations and the infrastructure required to demonstrate compliance, ethics has not been discussed so far.

It is important for the university to follow ethics in all its operations. For instance, the lecturer is not entitled to upload course materials belonging to other university or wrong materials to the students. Similarly, it is mandatory for the organization to highlight how privacy, confidentiality and anonymity are maintained. Obtaining informed consent when adding cookies is important so the user is aware of how the data will be used.

Cybersecurity attacks are common and it is essential to address the third party attacks by implementing a firewall. Further, password authentication algorithms need to be tightened so that accessing system from outside will not become a problem. The existing server has to maintain hourly backups so that there is no data loss and all these need to be informed in the ethics and privacy statement section of policy.


Kickstarting a student management system is a good initiative as it brings together the students, lecturers and administrative department of the organization. However, to ensure that the university stays on top without any violations, it is essential to understand the regulations and spend sufficient investments towards infrastructure setup and security guarantee. With an attractive interface available for the stakeholders, compliance to the state regulations can boost the confidence and purpose of the system and the college on the whole.


Tag This :- EM19113ASH1405WR_2 Student Management System Assignment Help

get assignment Quote

Assignment Samples

Get Academic Excellence with Best Skilled Tutor! Order Assignment Now! Submit Assignment