The Scenario for Information Security Management Assessment Tasks

Qualified Writers
Rated 4.9/5 based on 2480 reviews

100% Plagiarism Free & Custom Written - Tailored to Your Instructions

Objectives

 

This assessment task can be undertaken in a group of up to 4 members or individually. Each group/student will analyse the given scenario of the organisation, and develop and document the specified Issue Specific Security Policy (ISSP) for the organisation.

 

Assessment Criteria

 

The students are assessed against their ability to analyse the given scenario and develop the specified ISSP.

The marking criteria for Assessment Item 1 are provided on page 4.Students need to familiarise themselves with the marking criteria to ensure that they have addressed them when preparing the document for this assessment item.

 

Assessment Task

 

You are required to analyse the scenario on page 3 and develop the following ISSP for the organisation described in the scenario:

 

  • Wireless Communication Policy

The ISSP should include:

 

  1. Statement of Purpose
  2. Authorised Uses
  3. Prohibited Uses
  4. Systems Management
  5. Violations of Policy
  6. Policy Review and Modification
  7. Limitations of Liability

You also need to include a section containing the justification of the contents of your policy as well as any assumptions that you have made.

 

Note: Each student (not just one student in a group) needs to upload the document containing the ISSP to Moodle. You must follow the Harvard citation and referencing guidelines.

 

Please do not include an executive summary, a table of contents, an introduction or a conclusion. Please use the ‘Template for Your Answers’ Section of this document and upload only that template.

 

Check the course website at least once a week for further information relating to this assessment task. Please ensure that you write your answers in your own words to avoid possible plagiarism and copyright violation. You can understand the Plagiarism Procedures by following the corresponding link in the CQ University Policies section of the Course Profile. 

The Scenario for Information Security Management Assessment Tasks

 

Farmers for Farmers (3F) is a cooperative society of crop farmers in Queensland founded one year ago. Established to increase the yield of its member farmers and reduce the wastage due to rotting of crops, the society sells the crops to the customers at a lower price than that of the few giant supermarket chains in the state. 3F competes with these supermarket chains by directly supplying the produce from the farmers to the consumers without an intermediary. To this end, 3F has its own trucks, five distribution centres in the state and six distribution vehicles at each distribution centre.

 

3F operates from a small office in Rockhampton and the customers can place their orders using the web interface of 3F or over the phone. The orders are processed using a proprietary software algorithm of 3F. By using this software, 3F not only collect the optimum quantities of crops from the farmers and deliver them on time to the distribution centres, but also deliver the order to the customers in a minimum time. This whole process is automated with the help of on-board computers on the trucks as well as on the distribution vehicles connected to the office of 3F and the farmers.

 

This software algorithm is also used by the farmers to order and add fertilizer to their farmlands, to water the plants, spray pesticides and collect the yield in an optimum fashion while saving energy costs, resources and money. For this purpose, the algorithm collects real-time information from the farms, such as air and soil temperature, humidity, soil moisture content, information about pests, rain fall figures and the intensity of sunlight, without human intervention. The farmers also connect to the Internet via the network of 3F and post questions to the online forums. 3F also includes an online banking society that provides most of the banking facilities of other banks to its member farmers. 3F needs the guarantee that their proprietary algorithm, and various data and information in their information system are secured.

 

After the success in Queensland, 3F expanded its services this year to the New South Wales farmers and customers as well.

As the society was established last year, the information security policies have not yet been developed. The society is now in the process of developing a comprehensive set of information security policies for its information system.

 

Note: This scenario was created by Dr Rohan de Silva on 7th June 2016 and without written permission from CQUniversity, Australia no part of this scenario should be reproduced by any individual or an organisation.

Marking Criteria

 

Section

HD

D

C

P

F

Max Mark

Mark

6

5.1

4.8

4.5

4.2

3.9

3.6

3

2.7

0

Assumptions

Listed all assumptions.

Some assumptions missing.

Most assumptions missing.

Not clear and most assumptions missing.

All assumptions missing.

6

 

Section

HD

D

C

P

F

 

 

3

2.55

2.4

2.25

2.1

1.95

1.8

1.5

1.35

0

Statement of Purpose

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Authorised Uses

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Prohibited Uses

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Systems Management

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Violations of Policy

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Policy Review and Modification

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Limitations and Liability

Contained all information in detail.

Contained all information but not enough detail.

Had too brief or missing information.

Not clear but contained most information.

Not clear and most information missing.

3

 

Section

HD

D

C

P

F

 

 

6

5.1

4.8

4.5

4.2

3.9

3.6

3

2.7

0

Justification

Focussed and contained all information in detail.

Focussed and contained but not enough detail.

Focussed but some information missing.

Not clear but contained most information.

Not clear and most information missing.

6

 

Section

HD

D

C

P

F

 

 

2

1.7

1.6

1.5

1.4

1.3

1.2

1

0.9

0

References

All references are listed according to Harvard reference style.

A few referencing errors.

Not all references are listed but correctly referenced..

Many references missing

No or incorrect reference list..

2

 

 

Price: £125

100% Plagiarism Free & Custom Written - Tailored to Your Instructions