Learning Outcomes
LO3 - Research, develop, and document a basic security policy, and analyse, record, and resolve all security incidents
LO4 - Identify and assess the threats to, and vulnerabilities of networks
Assessment Description
This assessment is designed to help students to research and analyze hot topics related to information security.
Assignment
This report gives you the opportunity to research, formulate, develop and document a basic security policy for a specific organization in Australia. Moreover, you are required to analyze, record, resolve security incidents and identify and assess the threats to, and vulnerabilities of the organisation's networks. This report will use many of the concepts and techniques discussed in this unit throughout the semester.
Please note, you will need to either choose from the list of examples of the industries provided below or come up with your own idea for a chosen specific organisation.
- Banking/Mortgage
- Hospital/Medical Centre
- Supermarket
- Vehicle rental
- Tourism agency
- Hotel/Motel
- School/University
- Library
- Aviation operator
- Property Management
Please discuss your chosen organisation and or ideas with your lecturer before you start your research. You might NOT be allowed to choose the same or similar specific organisation as other student in your class. You should aim at research, develop, and document answers to questions (a.) and (b.) below. Do not copy the examples of information security policies used in class!
You should state clearly:
- the name of the organisation you have chosen
- the stakeholders of the organisation
- the nature of the business and
- answer questions (a) and (b).
Questions:
(a.) Research, formulate, develop and document a strategic security policy for your chosen organisation based on the nature of the organisation and the stakeholders in the organisation.
(b.) Based on the security policy you have researched, formulated, developed and documented in the item (a.) above, identify and assess the potential threats and vulnerabilities of the company's network and discuss how such threats and vulnerabilities can be mitigated based on your research.