Organisational Security

BTEC Extended Diploma In ICT
Unit 7: Organisational Systems Security
ASSIGNMENT
Assessment Activity Front Sheet
This front sheet must be completed by the student where appropriate and included with the work
submitted for assessment.
Student's Name:
Assessor's Name: George Dong
Date Issued: (Issued to students)
Deadline: (To be submitted by students)
Returned On: (Returned by student)
Unit: 7 Organisational Systems Security
P1, P2, P3, P4, P5, P6, M1, M2, M3, D1, D2
In this assessment you will have opportunities to provide evidence against the
following criteria.
Unit Objectives
To pass this unit the evidence must show that the student is able to (Pass):
Show good knowledge and understanding of Organisational Systems Security
and must meet objectives 1-3 of the assessment criteria attached.
Objective 1: Understand the impact of potential threats to IT Systems.
Objective 2: Know how organisations can keep systems and data secure.
Objective 3: Understand the organisational issues affecting the security of IT Systems.
Learner’s comments:
Sign…………………………
Assessor’s general comments:
Internal Verifier's approval to use with students
Comments
IV’s Name
Unit 7 Organisational Systems Security
IV’s Signature
Date
George
Unit Keywords:
malicious damage, counterfeit goods, technical failures, human errors, theft of
equipment, information security, confidentiality, integrity & completeness of data,
access to data, locks, visitor passes, sign in/out system, biometrics, retinal scans,
fingerprint, voice recognition, guards and cable shielding, encryption techniques,
call back, handshaking, diskless networks, use of backups, audit logs, firewall
configuration, virus checking software, use of virtual private network (VPN),
intruder detection systems, passwords, levels of access to data, software
updating, disaster recovery, whole system replacement, tiers of recovery,
disaster recovery policies, updating of security procedures, scheduling of security
audits, codes of conduct, mail usage policy, internet usage policy, software
acquisition, installation policy, surveillance policies, risk management, budget
setting, CMA 1990, CDPA 1988, open source, freeware, shareware and commercial
software, DPA 1984, 1998, 2000, ethical decision making, freedom of
information
Statement of context
Scenario 1
You work as a Junior Technician for Technology Time, a small IT support
company that provides software and hardware support to a number of small and
medium sized businesses.
The User Support Manager has asked you to prepare documentation, which you
will present to various businesses, which will provide them with help and guidance
on security issues.
How to provide required evidence
The evidence for this unit should be presented in various forms, such as a written
report, presentation, poster or booklet. The start of each task states how
you need to present it. I accept recorded presentations that could be played back to
the group.
Task 1 (P1, M1)
Deadline:
Create a PRESENTATION which will
a) Explain the impact of different types of threat on an organisation’s IT systems
and information. You need to include all potential threats (malicious damage,
threats related to e-commerce, counterfeit goods, technical failures, human
errors, theft of equipment).
b) You will also present this to a group and/or the whole class. [P1]
c) You need to discuss information security (confidentiality, integrity &
completeness of data, access to data) in relation to each of the threats and their
impact. [M1]
Task 2 (P2,P3)
Deadline:
Create a Poster which will:
a) Describe how physical security measures can help keep systems secure. You
need to include all of the following measures: locks, visitor passes, sign in/out
system, biometrics (retinal scans, fingerprint, voice recognition), guards and
cable shielding. [P2]
b) Describe how software and network security can keep systems and data
secure. You need to include ALL of the following: encryption techniques, call
back, handshaking, diskless networks, use of backups, audit logs, firewall
configuration, virus checking software, use of virtual private network (VPN),
intruder detection systems, passwords, levels of access to data, software
updating, disaster recovery (e.g. backup systems, whole system replacement,
tiers of recovery). [P3]
c) You will also present these to a group and/or the whole class.[P2, P3]
Note: You need to make your poster appealing by being creative, such as the
use of images.
Task 3 (P4, P5)
Deadline:
Create a hand-out (leaflet) which will be given to new members of staff that will
a) Explain the policies and guidelines for managing organisational IT security
issues. You need to cover all of the following: disaster recovery policies,
updating of security procedures, scheduling of security audits, codes of
conduct (e.g. mail usage policy, internet usage policy, software acquisition,
installation policy), surveillance policies, risk management, budget setting. (P4)
b) Explain how employment contracts can affect security. You need to cover the
following: hiring policies, separation of duties, ensuring compliance including
disciplinary procedures, training and communicating with staff as to their
responsibilities. (P5)
c) You will present these to a group and/or the whole class. [P4, P5]
Task 4 (P6, M3)
Deadline:
Create a PowerPoint presentation that will:
a) Review the laws related to security and privacy of data. You need to
summarise the main principles, implementation and exemptions of the following
laws: CMA 1990, CDPA 1988, the copyright differences between open source,
freeware, shareware and commercial software, privacy and compensation
requirements of DPA 1984, 1998, 2000. [P6]
b) Explain the role of ethical decision making in organisational IT security. You
need to state how to deal with the issues. The issues to be covered are: freedom of
information versus personal privacy (electoral roll, phone book and street maps
put together), permission to use e.g. photographs, videos and CCTV
footage. [M3]
c) You will present these to a group and/or the whole class.[P6]
Task 5 (M2,D1)
Deadline:
Create a report which will
a) Explain the operation and use of an encryption technique in ensuring security
of transmitted information. You need to explain clearly how each type of
encryption works (minimum two different methods) and how useful it is in
securing data. [M2]
b) Discuss different ways of recovering from a disaster. You will need to
investigate disaster recovery options and discuss how and when they would be
used. [D1]
Task 6 (D2)
Deadline:
Write a report to:
a) Building on P6 and M3, evaluate the security policies used in an
organisation, focusing on how to strengthen the security of the IT systems.
You must consider new and upcoming technologies and the threats
accompanying them, such as Bring Your Device. [D2]
Check: www.acm.org; www.bcs.org; www.bsa.org.uk; www.fast.org.uk; www.ico.gov.uk
Name:
Interim feedback to student:
1
2
3
Declaration by student:
I declare that all the work submitted for assignment is my own work.
Student:
Date:
Columns: Criteria reference; To achieve the criteria the evidence must show that the student is able to; Tick if met; Comment; Page No.
P1: Explain the impact of different types of threats on an organisation.
P2: Describe how physical security measures can help keep systems secure.
P3: Describe how software and network security can keep systems and data secure.
P4: Explain the policies and guidelines for managing organisational IT security issues.
P5: Explain how employment contracts can affect security.
P6: Review the laws related to security and privacy of data.
M1: Discuss information security.
M2: Explain the operation and use of an encryption technique in ensuring security of transmitted information.
M3: Explain the role of ethical decision making in organisational IT security.
D1: Discuss different ways of recovering from a disaster.
D2: Evaluate the security policies used in an organisation.