Information Security Management
COIT20263 Information Security Management (Term 2, 2017)
Assessment Item 4—Practical and Written Assessment
ASSESSMENT 4
Due date: 11:30pm AEST, Friday, Week 11
Weighting: 40%
Length: 3000 words (±500 words)
Objectives
This assessment task can be undertaken in a group of up to 4 members or individually. Each student/group will analyse the scenario given on page 2 and write a report. The report should discuss the guidelines for managing the information security risks of the organisation.
Assessment criteria
Students are assessed against their ability to analyse the given scenario and discuss the guidelines for managing the information security risks of the organisation.
The marking criteria for Assessment Item 4 are provided on page 3. Students need to familiarise themselves with the marking criteria to ensure that they have addressed them when preparing this assessment item.
Assessment Task
Each student/group is required to analyse the scenario given on page 2 and produce a report that discusses the guidelines for managing the information security risks of the organisation. Your report should have the Executive Summary, Table of Contents, Introduction, Discussion (the guidelines), Assumptions and References sections.
Note: Each student in the group needs to upload the report of their group to Moodle. You must follow the Harvard citation and referencing guidelines.
Check the unit website at least once a week for further information relating to this assessment task. Please ensure that you write your answers in your own words to avoid possible plagiarism and copyright violation. You can understand the Plagiarism Procedures by following the corresponding link in the CQUniversity Policies section of the Unit Profile. Late assessments will be penalised as per the university policies and guidelines.
Submission
Your report should be submitted online through the COIT20263 Moodle unit website assessment block on or before the due date.
The Scenario for Information Security Management Assessment Tasks
Academics for Academics (A4A) is a Non-Governmental Organisation (NGO) that has its head office in Sydney and its branch office in Singapore. Being an NGO, A4A funds all of its projects and activities from public donations. A4A has a team of 10 staff members: 6 are located in the Sydney office and the remaining four are located in the Singapore office.
A4A was established to help small public and private universities and colleges in Australia and Southeast Asia. The private universities and colleges that are interested in receiving the service of A4A need to register with A4A and become its member institutions. The academics and experienced professionals who would like to provide a voluntary service, such as teaching a subject, supervising a research project or developing curricula for a member institution, can register their interest with A4A. After a recruiting process, they can become members of A4A. A4A then recruits them to short-term assignments at its member institutions. The members who are recruited to various projects will be provided with accommodation, meals, medical and travel expenses.
Once recruited to a project, the A4A member will work at the member institution, but the information produced by the member, except the emails, marked assignments and exams, will remain the property of A4A and the member. As such, all of that information should be handled and stored by the information system of A4A irrespective of the location where the member works. A4A needs a guarantee that the various data and information in its information system are secured.
As A4A was established last year, the information security policies have not yet been developed. It is now in the process of developing a comprehensive set of information security policies for its information system.
Note: This scenario was created by Dr Rohan de Silva on 3rd June 2017 and no part of this scenario should be reproduced by any individual or an organisation without written permission from CQUniversity, Australia.
Marking Criteria

Mark scale (HD to F): 5, 4.5, 4.25, 4, 3.75, 3.5, 3.25, 3, 2.5, 2.4, 1.2, 0

| Section | HD | D | C | P | F | Max Mark | Mark |
|---|---|---|---|---|---|---|---|
| Executive summary | Covered all the sections of the report. | Contained all sections but not enough detail. | Had too brief or missing sections. | Not clear but contained most sections. | Not clear and most sections missing. | 5 | |
| Table of contents | Used decimal notation. Included all headings and page numbers. Used ToC auto-generation. | One feature was missing. | A few features missing. | Included only the main headings. | ToC missing. | 5 | |
| Introduction | Set the scene for the report and described the purpose clearly. | Contained all parts but not enough detail. | Had too brief or missing parts. | Not clear but contained most parts. | Not clear and most parts missing. | 5 | |

Mark scale (HD to F): 15, 14, 13, 12, 11, 10.5, 9.5, 9, 7.5, 7, 3.5, 0

| Section | HD | D | C | P | F | Max Mark | Mark |
|---|---|---|---|---|---|---|---|
| Discussion | Discussed the guidelines for managing information security risks based on the standard, including any issues. | Contained all information but not enough detail. | Had too brief or missing information. | Not clear but contained most information. | Not clear and most information missing. | 15 | |

Mark scale (HD to F): 5, 4.5, 4.25, 4, 3.75, 3.5, 3.25, 3, 2.5, 2.4, 1.2, 0

| Section | HD | D | C | P | F | Max Mark | Mark |
|---|---|---|---|---|---|---|---|
| Assumptions | Correct list of assumptions. | A few assumptions missing. | Several assumptions missing. | Many assumptions missing. | Not clear or not relevant. | 5 | |
| References | All references are listed according to Harvard reference style. | A few referencing errors. | Not all references are listed but correctly referenced. | Many references missing. | No or incorrect reference list. | 5 | |
| Plagiarism penalty | | | | | | | |
| Late submission penalty | | | | | | | |
| Total | | | | | | 40 | |