Objectives:
- Identify and solve complex organisational problems creatively and practically to increase the effectiveness of management processes through the development of a security program for an organisation.
- Evaluate, synthesise and critically review theoretical frameworks with other evidence to provide solutions to real-world problems by understanding security management models and practices.
- Demonstrate an understanding of change on organisations in the global environment and the impact of these on organisational systems by understanding risk management.
Background
This assignment will cover all the materials that presented in chapters 5-8 of your course textbook. Based on organisation selected in the previous assignments and depending on the size of the selected organisation (small, medium, large), you need to develop a security program to this organisation.
- This security program should reflect on the current roles and titles of the security personnel and make some suggestions for improvements and should include the following:
- Provide a professional plan to implement these changes incorporating training and education requirements.
- Determine if the selected organisation is already using any of ISO security standards and provide reasons for which ISO security standard would be most suitable for the selected organisation.
- Determine and discuss the suitability of one or more information security certifications that would assist in improving its security posture of the selected organization.
- Provide risk assessment which includes the identification of the key threats for the selected organisation and what controls could be put in place to reduce the associated risks to an acceptable level.
To protect security of the selected organisation, you are requested to invent the current security situation of this organisation. This will allow you to create a scenario that you can then use to apply your knowledge of the course materials.
As mentioned in the previous assignments, you need to make sure NOT to divulge any sensitive information of the selected organisation. If you are working in this organisation, use the internet to determine what information is available to the public.
Your research paper should include the following sections:
- Title
You are required to decide your paper's title.
- Name and student number
You need to write your name and student number directly under the paper title.
- Abstract
Abstract is one of the important parts of research papers. It is often the last part that you write, but the first thing people read when they want to have a quick overview of the whole paper. I suggest you leave writing the abstract to the end, because you will have a clearer picture of all of your work. A good abstract should has one well-developed paragraph that is coherent and concise, and is able to stand alone as a unit of information covers all the essential academic elements of the full length paper. You are required to write not more the 100 words.
- Introduction
In your research paper the introduction should include the following:
- The current security situation of your selected organisation
- What the research paper is about?
- The structure of the rest of the paper
- Body context
You could divide this section into several sub-sections such as
- Overall security program
- Professional plan of training requirements
- ISO security standards
- Information Security Certifications
- Risk assessment
- Conclusion
At the end of your research paper, a reader wants to know how to benefit from the work you accomplished in this paper. To do that, you need to connect the paper's findings to a larger context, such as the wider conversation about an issue as it is presented in a course or in other published writing, or by suggest the implications of your findings or the importance of the topic for security practice in general.
- References
Formatting Your Reference List. All documents cited in your assignment must be listed in a single alphabetical list at the end of the assignment.