The second assignment requires you to apply research skills and information security management theory to the same organization that you chose for the first assignment; however, this time you will focus attention on Risk Management. Read the “Assignment Brief” section first to get a general idea, then complete the tasks detailed for the assignment.

This assignment aligns with the Course Learning Outcomes #5 – to analyse risk theories and how they are applied to the protection of assets, and #6 – reflect, and critically evaluate ethical issues that relate to the practice of information security. Like the first assignment, this one also aligns with the University’s Graduate Attributes in respect of acquiring research skills.

To prepare for this assignment, you need to pre-study chapter 8 “Risk Management: Identifying and Assessing Risk” in Whitman & Mattord, 4th edition. This chapter gives you a basic grounding in the subject of risk management.

Assignment 2 in Brief


A variety of tasks are required in this second written assignment, expressed in the four questions you are asked to address. First, read all the questions to get an idea of the overall work, then read the Assignment Formatting Requirements for how to present your work.

Assignment 2 Requirements and Report structure

  1. Review your organization (its size, its mission, its place in the market) but this time consider the organization as a whole. In terms of Information Security, identify five potential or real vulnerabilities specific to your organization, and briefly describe each, with reasons for your choice. Remember to discuss the vulnerabilities in terms of your particular organization rather than in general terms. (5 marks)

  2. Using the risk management principles outlined in Chapter 8 of Whitman and Mattord, discuss how different risk theories would be applied to the protection of Information assets in your organization. (5 marks)

  3. Study Chapter 12, then reflect on, and critically evaluate the Ethical issues applicable to Information Security in general and in particular for your organization, giving due consideration to the various contexts in which the organization operates. For example, you could evaluate the economic, political, social, environment, legal, global position, and employee relations contexts. (15 marks)

  4. Using Internet news resources, research three instances of significant breaches in Information Security within industry in the past 10 years. Summarize the nature of the breach, and the consequences for the organization at the time. Finally, clearly articulate in your own words why you think these security breaches occurred in those organisations, being sure to identify the points of failure, and how the breaches could have been avoided. (15 marks)


Assignment Formatting Requirements

Ensure that your report includes the following sections in the order shown:

  • Title page (no borders or frames; required details include a suitable report title, assignment title, your name, student number, course code and title, term and year, name of your tutor, due date, and the date submitted; use the font size, line spacing, grouping and placing of the text according to the relevance and significance of the text)

  • Executive Summary (Write the Executive Summary after you have finished the rest of the report. The executive summary should, in less than one page, allow a busy person to grasp the essential details of your report without having to read the entire report).

  • Introduction (identify the purpose of the report and what will happen in the report, no need to have further sub-headings within ‘Introduction’ heading)

  • Main body of report

  • References list (Use Harvard referencing style and note that only cited references should be in the list. Consult a Harvard or Author-Date referencing guide for details).

Other formatting details

  • Headers (Assignment title, centred, and page number, right aligned)

  • Footers (student ID and your last name, left aligned, and course code/term/year, right aligned)

  • Text formatting (Times New Roman, 12pt., single-spaced. You may also make use of appropriate emphasis such as bold, italics, and underscore)

  • Paragraph formatting (left aligned, single spaced and 6 pt space after each paragraph)

  • Page formatting (should be in A4, portrait orientation, with 0.5cm Gutter on the left, with 2.54cm margin all around, and with header and footer 1.25cm from edge)

  • Header and footer should start from the page containing ‘Introduction’ heading. Use section breaks to control this.

  • Do not number Headings and sub-headings.

  • Title page and Executive Summary should be on separate pages.

  • Your Introduction should start on a new page.

  • The reference list should be placed on its own page.

  • A separate Recommendations/Conclusions/Summary section is not required for Assignment One.

How the Assignment will be assessed

The assessment criteria and maximum marks allocated for each question are shown in the table below. Additional marks will be awarded (or lost) for quality of expression and use of own words (5 marks), conformance to formatting requirements (4 marks), correct spelling and grammar (2 marks), correct use of citations in Harvard style (5 marks) and correctly formatted reference list in Harvard style (4 marks). The final marks total will be reduced by any late penalties or plagiarism penalties.

|  | Needs Improvement |  |  |
| --- | --- | --- | --- |
| Q.1 – 5 marks for: clarity and accuracy. | Less than 2.5 | 2.5 – 3.5 | Greater than 3.5 |
| Q.2 – 5 marks for: Clarity and comprehensiveness of the discussion | Less than 2.5 | 2.5 – 3.5 | Greater than 3.5 |
| Q.3 – 15 marks for: Clarity of the reflections and | Less than 7.5 | 7.5 – 12 | Greater than 12 |
| Q.4 – 15 marks for: Choice of cases; quality and clarity of the discussion | Less than 7.5 | 7.5 – 12 | Greater than 12 |

Correct Referencing

For all assignments, use HARVARD referencing style for in-text referencing and for the References List. Check the course web site for links to help with referencing and the Harvard referencing guide.

Copy detection/plagiarism process

On submission, assignments are scanned by the copy detection software, Turnitin. Your assignment is checked against all submitted assignments from current and previous terms for this course and other courses as well. Any copying found in the process of running this software may be investigated. If copying is found, marks can be deducted for any part of the work that is categorised as plagiarism, and further, any student identified in the copy detection process may be subject to penalties up to and including failing the course or expulsion from the University. Full details of the University’s plagiarism policies are available from the CQU website.