report

Date/Time:

Location:

Chairperson:

Meeting Attendees:

Full names and roles

Agenda Item/Topic

Discussion/Outcomes

Action Officer

Due Date

Welcome

( Agenda item 1)

Topic?

( Agenda item 2)

Topic?

( Agenda item 3)

Topic?

Summary

Overall Summary

Decision/s

Action/s if any

Next Meeting time/date

Meeting closed at:

Minutes are a true and accurate record of the meeting

Approved/confirmed by whom?

Minutes of Meeting

Meeting Objective:

Attendees:

Venue:

Date:

No.

Points Discussed

Actions Suggested

Target Date

Signature of attendee 1: Signature of attendee 2:

Signature of attendee 3: Signature of attendee 4:

Intent:

Scope of the policy:

Definitions:

Introduction:

Policy principles and procedures (explain in terms of capability, responsibilities, culture, risk management and response and recovery):

Explain how you have established the current level of awareness in work area relating to cybersecurity? (50-100 words)

Explain how you have completed the policy and procedure to create and maintain cybersecurity awareness program that reflects organisation-wide best practice? (50-100 words)

Explain how you have contributed to developing cybersecurity policies and procedures, and communicated to required personnel? (50-100 words)

Your task must address the following performance criteria/ performance checklist.

To be assessed as satisfactory (S) in this assessment task, the student needs to demonstrate competency in the following critical aspects of evidence:

S

N/S

Trainer/Assessor to complete

(Comment and feedback to students)

a) Participation in the meeting and demonstrating skills and knowledge to understand the requirements to complete the assessment task.

·

·

b) Developed cyber security awareness in work area by developing one set of policies and procedures for a work area that promote cyber security awareness and practices

·

·

c) Established the current level of awareness in work area relating to cybersecurity

·

·

d) Completed the policy and procedure to create and maintain cybersecurity awareness program that reflects organisation-wide best practice

·

·

e) Contributed to developing cybersecurity policies and procedures, and communicated to required personnel

·

·

Cybersecurity training and information session

How would you evaluate the training provided? (50-100 words)  

· The training was relevant to the needs and requirements of the audience

· Materials provided were helpful

· Length of the training was sufficient and complied

· The content was well organised

· Questions were encouraged

· Instructions were clear and understandable

· The training met all expectations

· The topics covered well in the presentation

How did others evaluate the training provided? (50-100 words)

· The training was relevant to the needs and requirements of the audience

· Materials provided were helpful

· Length of the training was sufficient and complied

· The content was well organised

· Questions were encouraged

· Instructions were clear and understandable

· The training met all expectations

· The topics covered well in the presentation

Your task must address the following performance criteria/ performance checklist.

To be assessed as satisfactory (S) in this assessment task, the student needs to demonstrate competency in the following critical aspects of evidence:

S

N/S

Trainer/Assessor to complete

(Comment and feedback to students)

a) Plan and develop the presentation for the training session

·

·

b) All topics covered in the presentation

·

·

c) The delivery of the presentation meets the evaluation criteria

·

·

d) Review cyber security practices according to organisational policies and procedures

·

·

e) Arrange training and information updates as required, and maintain related records

·

·

f) Present insights from review and training to required personnel, and potential related impacts on the workplace

·

·

How have you reviewed the latest cybersecurity threats and trends impacting organisations? (Review any three)

Document outcomes of the review and suggested improvements for consideration by required personnel (50-100 words)

How have you communicated review outcomes and cybersecurity improvement requirements according to organisational policies and procedures? (50-100 words)

Your task must address the following performance criteria/ performance checklist.

To be assessed as satisfactory (S) in this assessment task, the student needs to demonstrate competency in the following critical aspects of evidence:

S

N/S

Trainer/Assessor to complete

(Comment and feedback to students)

a) Review latest cyber security threats and trends impacting organisations

·

·

b) Document outcomes of the review and suggested improvements for consideration by required personnel

·

·

c) Communicate review outcomes and cyber security improvement requirements according to organisational policies and procedures

·

·

Outcome

Outcome (make sure to tick the correct checkbox):

Satisfactory (S) ☐ or Not Satisfactory (NS) ☐

Date: _______(day)/ _______(month)/ ____________(year)

Feedback:

Outcome (make sure to tick the correct checkbox):

Satisfactory (S) ☐ or Not Satisfactory (NS) ☐

Date: _______(day)/ _______(month)/ ____________(year)

Feedback:

Student Declaration

· I declare that the answers I have provided are my own work. Where I have accessed information from other sources, I have provided references and or links to my sources.

· I have kept a copy of all relevant notes and reference material that I used as part of my submission.

· I have provided references for all sources where the information is not my own. I understand the consequences of falsifying documentation and plagiarism. I understand how the assessment is structured. I accept that the work I submit may be subject to verification to establish that it is my own.

· I understand that if I disagree with the assessment outcome, I can appeal the assessment process, and either re-submit additional evidence undertake gap training and or have my submission re-assessed.

· All appeal options have been explained to me.

Student Signature

Date

Trainer/Assessor Name

Trainer/Assessor Declaration

I hold:

☐ Vocational competencies at least to the level being delivered

☐ Current relevant industry skills

☐ Current knowledge and skills in VET, and undertake

☐ Ongoing professional development in VET

I declare that I have conducted an assessment of this student’s submission. The assessment tasks were deemed current, sufficient, valid and reliable. I declare that I have conducted a fair, valid, reliable, and flexible assessment. I have provided feedback to the student.

Trainer/Assessor Signature

Date

Office Use Only

The outcome of the assessment has been entered into the Student Management System

on _________________ (insert date)

by (insert Name) __________________________________

Student details

Full name:

Student ID:

Contact number:

Email address:

Trainer details

Full name:

Qualification/Course/Program Details

Code:

Name:

Unit of competency

Code:

BSBXCS402

Name:

Promote workplace cyber security awareness and best practices

Releases:

1.0

Release date:

28/February/2020

☐ By hand to trainer/assessor ☐ By email to trainer/assessor

☐ Online submission via Learning Management System (LMS)

☐ Any other method _________________________________________________

(Please describe here)

· I have read and understood the information in the Unit Requirements prior to commencing this Student Pack

· I certify that the work submitted for this assessment pack is my own. I have clearly referenced any sources used in my submission. I understand that a false declaration is a form of malpractice;

· I have kept a copy of this Student Pack and all relevant notes, attachments, and reference material that I used in the production of this Student Pack;

· For the purposes of assessment, I give the trainer/assessor permission to:

· Reproduce this assessment and provide a copy to another member of staff; and

· Take steps to authenticate the assessment, including communicating a copy of this assessment to a plagiarism checking service (which may retain a copy of the assessment on its database for future plagiarism checking).

Student signature: ________________________________

Date: ____/_____/______________

The student must be assessed as satisfactory in each of the following assessment methods in order to demonstrate competence in a variety of ways.

Evidence number/ Task number

Assessment method/ Type of evidence/ Task name

Sufficient evidence recorded/Outcome

Assessment task 1

Knowledge Test (KT)

S / NS (First Attempt)

S / NS (Second Attempt)

Assessment task 2

Project (PT)

S / NS (First Attempt)

S / NS (Second Attempt)

Outcome

C ☐ NYC ☐

Date assessed:

Trainer signature:

Your trainer is required to fill out the Assessment Plan Outcome records above, when:

· You have completed and submitted all the requirements for the assessment tasks for this cluster or unit of competency.

· Your work has been reviewed and assessed by your trainer/assessor.

· You have been assessed as either satisfactory or unsatisfactory for each assessment task within the unit of competency.

· You have been provided with relevant and detailed feedback.

Every assessment has a “Feedback to Student” section used to record the following information. Your trainer/assessor must also ensure that all sections are filled in appropriately, such as:

· Result of Assessment (satisfactory or unsatisfactory)

· Student name, signature and date

· Assessor name, signature and date

· Relevant and detailed feedback

You, the student, must read and understand all of the information in the Unit Requirements before completing the Student Pack. If you have any questions regarding the information, see your trainer/assessor for further information and clarification.

The purpose of this checklist

The pre-assessment checklist helps students determine if they are ready for assessment. The trainer/assessor must review the checklist with the student before the student attempts the assessment task. If any items of the checklist are incomplete or not clear to the student, the trainer/assessor must provide relevant information to the student to ensure they understand the requirements of the assessment task. The student must ensure they are ready for the assessment task before undertaking it.

Section 1: Information for Students

☐ Make sure you have completed the necessary prior learning before attempting this assessment.

☐ Make sure your trainer/assessor clearly explained the assessment process and tasks to be completed.

☐ Make sure you understand what evidence is required to be collected and how.

☐ Make sure you know your rights and the Complaints and Appeal process.

☐ Make sure you discuss any special needs or reasonable adjustments to be considered during the assessment (refer to the Reasonable Adjustments Strategy Matrix - Appendix A and negotiate these with your trainer/assessor).

☐ Make sure that you have access to a computer and the internet (if you prefer to type the answers).

☐ Make sure that you have all the required resources needed to complete this assessment task.

☐ The due date of this assessment task is in accordance with your timetable.

☐ In exceptional (compelling and compassionate) circumstances, an extension to submit an assessment can be granted by the trainer/assessor. Evidence of the compelling and compassionate circumstances must be provided together with your request for an extension to submit your assessment work.

☐ The request for an extension to submit your assessment work must be made before the due date.

Section 2: Reasonable adjustments

I confirm that I have reviewed the Reasonable Adjustments guidelines and criteria as provided in Appendix A and attached relevant evidence as required and select the correct checkbox.

☐ I do require reasonable adjustment

☐ I do not require reasonable adjustment

Declaration (Student to complete)

☐ I confirm that the purpose and procedure of this assessment task has been clearly explained to me.

☐ I confirm that I have been consulted about any special needs I might have in relation to the assessment process.

☐ I confirm that the criteria used for this assessment has been discussed with me, as have the consequences and possible outcomes of this assessment.

☐ I confirm I have accessed and understand the assessment information as provided in the Training Organisation’s Student Handbook.

☐ I confirm I have been given fair notice of the date, time, venue and/or other arrangements for this assessment.

☐ I confirm that I am ready for assessment.

Student Name: ______________________________________

Student Signature: ___________________________________ 

Assessment type

· Written Questions

Instructions provided to the student:

Assessment task description:     

· This is the first (1) assessment task you must successfully complete to be deemed competent in this unit of competency.

· The Knowledge Test is comprised of six (6) written questions

· You must respond to all questions and submit them to your Trainer/Assessor.

· You must answer all questions to the required level, e.g. provide an answer within the required word limit, to be deemed satisfactory in this task

· You will receive your feedback within two (2) weeks, and you will be notified by your Trainer/Assessor when your results are available.

Applicable conditions:        

· All knowledge tests are untimed and are conducted as open book assessment (this means you can refer to your textbook during the test).

· You must read and respond to all questions.

· You may handwrite/use a computer to answer the questions.

· You must complete the task independently.

· No marks or grades are allocated for this assessment task. The outcome of the task will be Satisfactory or Not Satisfactory.

· As you complete this assessment task, you are predominately demonstrating your written skills and knowledge to your trainer/assessor.

Resubmissions and reattempts: 

· Where a student’s answers are deemed not satisfactory after the first attempt, a resubmission attempt will be allowed.

· The student may speak to their trainer/assessor if they have any difficulty in completing this task and require reasonable adjustments.

· For more information, please refer to the Training Organisation’s Student Handbook.

Location:

· This assessment task may be completed in:

☐ a classroom

☐ learning management system (i.e. Moodle),

☐ workplace,

☐ or an independent learning environment.

· Your trainer/assessor will provide you with further information regarding the location for completing this assessment task.

Instructions for answering the written questions:

· Complete a written assessment consisting of a series of questions.

· You will be required to answer all the questions correctly.

· Do not start answering questions without understanding what is required. Read the questions carefully and critically analyse them for a few seconds; this will help you to identify what information is needed in the answer.

· Your answers must demonstrate an understanding and application of the relevant concepts and critical thinking.

· Be concise, to the point and write answers within the word-limit given to each question. Do not provide irrelevant information. Remember, quantity is not quality.

· You must write your responses in your own words.

· Use non-discriminatory language. The language used should not devalue, demean, or exclude individuals or groups based on attributes such as gender, disability, culture, race, religion, sexual preference or age. Gender-inclusive language should be used.

· When you quote, paraphrase, summarise or copy information from other sources to write your answers or research your work, always acknowledge the source.

Purpose of the assessment

This assessment task is designed to evaluate student’s knowledge essential to promote cyber security in a work area in a range of contexts and industry settings & knowledge regarding the following:

· Knowledge of legislative requirements relating to cyber security context of performance evidence, including:

· data protection

· implications of Notifiable Data Breach legislation on an organisation and other associated Australian privacy laws

· established international legislation

· Knowledge of organisational policies and procedures relating to:

· securely storing, sharing and managing information

· encryption, and protocols for its uses

· data classification and management

· media/document labelling

· data governance

· acceptable use

· bring your own device

· Knowledge of Australian government sources of information on current threats

· risks associated with workplace cyber security

· Knowledge of strategies and techniques for promoting workplace cyber security

· Knowledge of techniques for:

· implementing and promoting workplace cyber security awareness

· facilitating training that promotes cyber security awareness, including the use of simulated activities.

Task instructions

· This is an individual assessment.

· To ensure your responses are satisfactory, consult a range of learning resources and other information such as handouts, textbooks, learner resources etc.

· To be assessed as Satisfactory in this assessment task, all questions must be answered correctly.

Q1:

 Answer the following questions: 1.1. Discuss the purpose of The Privacy Amendment (Notifiable Data Breaches) Act 2017 using 30-60 words.  1.2. Explain personally identifiable information (PII) using 30-60 words.  1.3. Identify three (3) pieces of workplace-related information that can be constituted as personally identifiable information (PII).  1.4. Explain using 30-60 words why securing Personally Identifiable Information (PII) is a critical data protection task?  1.5. What are the four (4) specifications related to personally identifiable information (PII).  1.6. When an organisation or agency must notify affected individuals and the Office of the Australian Information Commissioner (OAIC) according to Notifiable Data Breach legislation and Privacy Act 1988? Answer using 20-40 words.  1.7.  Identify five (5) examples of serious harm under the Notifiable Data Breaches scheme?  1.8. What are the seven (7) principles of the General Data Protection Regulation (GDPR)? 

Satisfactory response

Yes

No

Q2:

Answer the following questions: 2.1. Why is it important to store, share and manage information securely? Answer using 30-60 words.  2.2. What are the uses of encryption? Answer using 20-40 words.  2.3. What is the difference between WEP and WPA encryption protocols? Answer using 20-40 words. 2.4. Explain data classification using 20-40 words.  2.5. What are media labelling and document labelling requirements? Answer using 20-40 words.  2.6. Explain data governance using 30-60 words.  2.7. Discuss acceptable use policy (AUP) using 30-60 words.  2.8. What are the three (3) disadvantages of bring-your-own-device (BYOD) processes at a workplace? 

Satisfactory response

Yes

No

Q3:

Answer the following questions: 3.1. Identify and explain the purpose of an Australian Government organisation working in cyber security using 30-60 words.  3.2. What is the importance of preparing and publishing a threat report on an ongoing basis? Answer using 30-60 words.

Satisfactory response

Yes

No

Q4:

Answer the following questions: 4.1. How can cyber security be instilled in workplace culture? Answer using 20-40 words. 4.2. Identify five (5) risks associated with workplace cyber security awareness and best practices

Satisfactory response

Yes

No

Q5:

Answer the following questions: 5.1. How should you promote cyber security in the workplace? Discuss the strategies and techniques to promote cyber security in the workplace using 30-60 words.  5.2. What aspects should be considered when promoting cyber security at a workplace? Identify five (5) aspects.

Satisfactory response

Yes

No

Q6:

Answer the following questions: 6.1. How do you implement a workplace cyber security awareness program? Explain using 30-60 words.  6.2. What is the purpose of cyber security awareness training using simulated activities?  Explain using 30-60 words.

Satisfactory response

Yes

No

Outcome

Outcome (make sure to tick the correct checkbox):

Satisfactory (S) ☐ or Not Satisfactory (NS) ☐

Date: _______(day)/ _______(month)/ _______(year)

Feedback:

Outcome (please make sure to tick the correct checkbox):

Satisfactory (S) ☐ or Not Satisfactory (NS) ☐

Date: _______(day)/ _______(month)/ _______(year)

Feedback:

Student Declaration

· I declare that the answers I have provided are my own work. Where I have accessed information from other sources, I have provided references and/or links to my sources.

· I have kept a copy of all relevant notes and reference material that I used as part of my submission.

· I have provided references for all sources where the information is not my own. I understand the consequences of falsifying documentation and plagiarism. I understand how the assessment is structured. I accept that the work I submit may be subject to verification to establish that it is my own.

· I understand that if I disagree with the assessment outcome, I can appeal the assessment process, and either re-submit additional evidence undertake gap training and or have my submission re-assessed.

· All appeal options have been explained to me.

Student Signature

Date

Trainer/Assessor Name

Trainer/Assessor Declaration

I hold:

☐ Vocational competencies at least to the level being delivered

☐ Current relevant industry skills

☐ Current knowledge and skills in VET, and undertake

☐ Ongoing professional development in VET

I declare that I have conducted an assessment of this student’s submission. The assessment tasks were deemed current, sufficient, valid and reliable. I declare that I have conducted a fair, valid, reliable, and flexible assessment. I have provided feedback to the student.

Trainer/Assessor Signature

Date

Office Use Only

The outcome of this assessment has been entered into the Student Management System

on _________________ (insert date)

by (insert Name) __________________________________