Provide hints for the below task :

hints should be more as I have to write 8000 words from it anyways Thanks for the help, I believe you will try your best.

Scenario

You are the principal consultant for a community based Charity. The Charity is involved in locating and providing accommodation, mental health services, training and support services to disadvantaged people in the community.

The Charity currently runs a small data center that has some 50 x86 64 bit servers running mainly Windows Server 2008 R2 for desktop services, database and file services. It also has 10 Red Hat Enterprise Linux 5 servers to service public facing Web pages, Web services and support.

The Charity is considering joining a community cloud provided by a public cloud vendor in order to provide a number of applications to all 500 support staff and administrative users. A small number of the Charitys applications are mission critical and the data that those applications use is both confidential and time sensitive.

The community cloud would also be used to store the Charitys 200TB of data. The data would be held in a SaaS database run by the public cloud vendor. The Charitys data contains a considerable amount of confidential information about the people to whom the Charity provides services.

The Charity collects PII data on the clients who use its services so that it can assist them to manage their different service requirements. This PII data also includes holding some digital identity data for some of the more disadvantaged clients, particularly if they also have mental health issues.

The cloud vendor has made a presentation to management that indicates that operational costs will drop dramatically if the cloud model is adopted. However, the Board of the Charity is concerned with the privacy and security of the data that it holds on the people that it provides services to in the community. It is concerned that a data breach may cause considerable damage to substantially disadvantaged people in the community.

The Board asks that you prepare a report that proposes appropriate privacy and security policies for the Charitys data.

The charity has also decided to: Purchase a HR and personnel management application from a US based company that provides a SaaS application The application will provide the charity with a HR suite that will provide a complete HR suite which will also include performance management. The application provider has advised that the company's main database is in California, with a replica in Dublin, Ireland. However, all data processing, configuration, maintenance, updates and feature releases are provided from the application provider's processing centre in Bangalore, India Employee data will be uploaded from DAS daily at 12:00 AEST. This will be processed in Bangalore before being loaded into the main provider database Employees can access their HR and Performance Management information through a link placed on the charity intranet. Each employee will use thein internal charity digital ID to authenticate to the HR and Performance management system. The internal digital ID is generated by the charity's Active Directory Instance and is used for internal authentication and authorisation. Move the the charity payroll to a COTS (Commercial Off The Shelf) application that it will manage in a public cloud; This application will provide the Charity with the suite of tools necessary to process and manage payrolls for all agencies within DAS. The application provider has advised that their software is distributed throughout the AWS cloud with instances in US East, US West, Europe, Asia Pacific, China and South America All configuration, maintenance, updates and feature releases are provided from the provider's offices in San Francisco, Beijing, Singapore, Mumbai and Dublin The provider does not do any additional processing of data entered into the application The charity payroll staff may access the payroll application through a SSO (Single Sign On) link to a secure URL. Authentication is made using the user's charity ID credentials. Each authorised user's authentication credentials are uploaded to the application to allow them to logon and access the payroll Data is uploaded to the application by the charity's payroll staff for each agency staff member, but can also be uploaded in bulk using a CSV file. CSV files are uploaded using an upload link in the application. Completed payroll files are sent to the appropriate banking institutions through a secure link provided by each bank. Regular transaction and audit reports for each agency are available to the charity's payroll staff