P5: Analyze research and data using appropriate tools and techniques.

Introduction
I work as trainee as an IT security specialist for leading security consultancy. As a part of my role, I
have to carry out small scale research in order to recognize and discover a range of software
vulnerability that potentially impacts on range of businesses. In this task, I am going to analyze the
documents of questionnaire which I have collected in previous tasks using appropriate tools and
techniques. Research is basically a term used for a systematic search for getting relevant answers on
any taken-up topic (Anon., n.d.). Various research was done and, in this task, I analyzed the research
and data carried using appropriate analytical tools and techniques. The evaluation of the selected
analysis tools and techniques considering accuracy and authenticity with proper justification has
been carried out.

Tools and Techniques used for research analysis

Various tools are there for doing research and they are used according to the need and suitability.
Appropriate analysis techniques must be used so as to get the desired results which can be
forecasted, problem scan be identified and resolved and rationale decision can be made that
enhance the reliability and productivity of the project. As there can be various problem while doing
research, the use of research analysis tools varies according to the problems occurred and variables
involved. As various research on security vulnerabilities of the company are done and some of the
research analysis techniques used during the project are:

Percentage technique
Percentage technique is a technique from which information are converted in numerical form of percent. I
converted the answer of the company and converted it into percentage. For example:

Male Female Not Specified Total

How many 55% 45% 0%
employees are
there in your
company?

In this way, we can convert the answer to percentage and we can achieve total point of data or information
collection. Using a filer is another useful tool for modeling data. Filtering means narrowing your focus to
one particular subgroup and filtering out the others. So instead of comparing subgroups to one another,
here we’re just looking at how one subgroup answered the question. From this tool we can numerically
evaluate the percentage and convert it into a numerical value, so we know how many companies have
vulnerability and how can they recognize, discover and solve the vulnerability. Our data collection is from
random selection of company. So, data may not be same but most of the company can tick in the same
answer so common answer will be in priority.

2. Using Microsoft excel for analyzing my data collection

Companies which was not accepting hardcopy of the questionnaire, for these companies I had sent the
document of questionnaire to the company’s email. For softcopy of the document, I have analyzed the
collected data from excel. It is very easy to analyze questionnaire data from excel. There are five steps to
analyze the questionnaire from excel that are:

• Step 1: Create an Excel database

• Step 2: Code data
• Step 3: Enter data
• Step 4: Clean data
• Step 5: Analyze data

Conclusion
This task is all about tools and techniques used for analyzing the collected data and information. Tools and
techniques in research are the statistical methods of collection, analysis, interpretation, and organization of
data. Statistics provides numerous tools and techniques to analyze the data and interpret the results of the
analysis. Data analysis is collecting and organizing of data so that a researcher can come to a conclusion. So,
in this task, I have discussed about tools and technique used for my data analyzing like percentage
techniques or tool and data analyzing using Microsoft excel or spreadsheet.

P6: Communicate appropriate recommendations as a result of research and data analysis to draw valid
and meaningful conclusion.
Introduction
As being IT specialist, this research was done so as to find out various security vulnerabilities in an
organization. This research has got its own aims and objectives. Various tools, techniques, methods
 and resources are used while doing research so as to produce suitable result. As knowledge of
various tools and techniques can be generated research helps in learning process as the skills can be
used and applied. In previous task, I have already analyzed my collected information or data using
two techniques one is percentage technique and other is analyze from Microsoft Excel.

Using research Effectively

As this research was carried out in company or organization it was a challenging task to keep track of
the progress, meet the aims and objective of the project and address all the vital aspects necessary
for project. As various members were involved in this research it focuses on learning processes
where researcher gain knowledge about different skills and experience. As it was carried out in IT
related areas various security vulnerabilities present in the system are examined. Some amount of
budget was estimated so as to carry out the project and it helped to analyze whether the project
plan can be carried under that estimated budget or not.

Project Management Process and quality research

Project management is a process that includes planning, putting the project plan into action, and
measuring progress and performance. Project management is the application of knowledge, skills,
tools, and techniques applied to project activities in order to meet the project
requirements[ CITATION Adr18 \l 1033 ]. Achieving the goals of the project depends on a number of
factors such as the project environment, levels of organizational effectiveness, budgeting and
planning frameworks, having the right culture and values, the size and complexity of the projects
being undertaken, and having the right people with the requisite skills, attitudes, and experience.
Quality research provides evidence that is robust, ethical, stands up to scrutiny and is adhered to
principles of professionalism, transparency, accountability and auditability. Similarly, it provides
information of the strengths and limitations of the methodology, data collected and findings.

Applying
After completing the analysis of collected data or information, I needed to start interpreting the findings to
develop some recommendations. I needed to apply the analysis finding into some recommendations. This
means that I needed to put into use or find a purpose for the analytical results. For example, my analysis
showed that the main vulnerability of the software is “weaknesses in authentication, authorization or
cryptographic practices”. So that to solve these vulnerabilities I have to focus on coding and testing of
authentication, authorization or cryptographic and make software better and vulnerability free.
Drawing Conclusions
After completing the analysis of data or information suggested or gathered to make importance out of what
isn't plainly expressed. I needed to apply the analysis finding into some recommendations. This means that
I needed to put into use or find a purpose for the analytical results. For example, my analysis showed that
the main vulnerability of the software is “weaknesses in authentication, authorization or cryptographic
practices”. So that to solve these vulnerabilities I have to focus on coding and testing of authentication,
authorization or cryptographic and make software better and vulnerability free.

So, from saying my experience, every company has at least little vulnerability in the software or system. So
nowadays there are many vulnerabilities in the software like memory safety violations such as buffer
overflows and over-reads etc., input validation errors (such as Code injection), privilege (confusion bugs
such as clickjacking), Race conditions (such as symlink races, side channel attack, timing attack etc.) and user
interface failures etc. these are the main vulnerabilities of the software or system but after I collect
information or data with the help of questionnaire. I found that most of the company feels bugs and
vulnerability and most of the company face authentication, authorization and cryptographic errors. So, this
is the common vulnerability in most of the companies. Besides these there are also vulnerability in code as
error or bugs and this is also main vulnerability of the software. For analyzing the answers of the
quantitative research, I use tools and techniques like percentage techniques from which I was able to
change answers from questionnaire to percentage value and after I found percentage of answer, I
converted it into numeric value. There was also Microsoft excel from which I was able to analyze the
collected data by making spreadsheet.

Conclusion
As the project has got various aims and objective the research helps to achieve aims and objective.
Similarly, the knowledge gained after the completion of the project was fruitful. Various tools and
techniques were used and they were suitable. I was communicating appropriate recommendations as result
of research and data analysis, for this I drawing valid and meaningful conclusion that what I have done after
collect information and what I have found out in whole project. So, in this way, this task has been
completed.