Information Security Management-
Objectives- This assessment task can be undertaken in a group of up to 4 members or individually. Each group/student will analyse the given scenario of the organisation, and develop and document the specified Issue Specific Security Policy (ISSP) for the organisation.
Assessment criteria - The students are assessed against their ability to analyse the given scenario and develop the specified ISSP.
The marking criteria for Assessment Item 1 are provided on page 4.Students need to familiarise themselves with the marking criteria to ensure that they have addressed them when preparing the document for this assessment item.
Assessment Task - You are required to analyse the scenario on page 3 and develop the following ISSP for the organisation described in the scenario:
• Access and use of sensitive information of the organisation
The ISSP should include:
1. Statement of Purpose
2. Authorised Uses
3. Prohibited Uses
4. Systems Management
5. Violations of Policy
6. Policy Review and Modification
7. Limitations of Liability
You also need to include a section containing the justification of the contents of your policy as well as any assumptions that you have made.
Note: You need to upload the document containing the ISSP to Moodle. You must follow the Harvard citation and referencing guidelines.
Please do not include an executive summary, a table of contents, an introduction or a conclusion. Please use the ‘Template for Your Answers' Section of this document and upload only that template.
Check the course website at least once a week for further information relating to this assessment task. Please ensure that you write your answers in your own words to avoid possible plagiarism and copyright violation. You can understand the Plagiarism Procedures by following the corresponding link in the CQUniversity Policies section of the Course Profile.
The Scenario for Information Security Management Assessment Tasks
A private company in Australia plans to establish a private nursing school. The main campus of the nursing school is located in a suburb of Sydney and the satellite campuses are located in the suburbs of capital cities of three South East Asian countries. The company has made agreements with a private hospital in each of these locations to provide the internship and training to the students of the nursing school. The main and satellite campuses that are currently being constructed will have modern communication networks suitable for the business.
The lectures, tutorials and laboratory classes conducted in the main campus will form virtual classrooms with the satellite campuses. The students can participate in the virtual classes from within the campus premises or from their homes. More than 100 students are expected to enrol in each location in the first year.
The management of the company plans to help out the wider community by providing a telemedicine and homecare service to the needy patients at their homes. This service covers a radius of about 200km from the main and satellite campuses and will be provided with the help of a mobile team of health personnel.
The mobile team will be able to receive medical advice directly from the medical staff of the hospital in their country as well as the private hospital in Sydney via a virtual consultation room. The hospitals should be able to locate and contact all registered homecare patients. The nursing school should know the location of all their students and staff when they are on duty.
As the company is newly established, the information security policies are yet to be developed.