Assessment Item 1


Value: 10%

Due date: 12-Aug-2016

Return date: 02-Sep-2016


Submission method options

Alternative submission method




Get Assignment help for this assignment with hndassignmenthelp@gmail.com





Task



Specific issues that you need to address in the forum discussions are provided within the first 3 topics.

These questions are posed for you to reflect on in the form of written Discussion Board (forum) posts.

As this is a postgraduate course, it is expected that your written responses will provide you an opportunity to express your personal and professional views. There are no correct answers, however the way you justify your answers with validated evidence is key to this activity.

Post your forum entries as you are prompted within the topics. Your Subject Co-ordinator will respond to your first forum post, and monitor and moderate as required the remaining 2 posts.

You must curate, collect and save your responses in a word document to be submitted on Turnitin. This activity's final mark will be provided prior to the final assessment item.




Rationale



As this is a graduate course, more is expected from students in the way of participation, and further as a graduate reading course, the opinions of students are actively sought to demonstrate that the reading material has been read, understood and provoked a response. The readings on a given topic will in general not agree on all issues in the topic, such as the role and feasibility of cyber-insurance, and soliciting written responses from students gives an opportunity for expressing opinions from the professional experience of each student. Also being a distance course, regular posting on the forum promotes the cohesion of the cohort and a notion of group learning for this course.




Marking criteria



The written responses for each topic will be reviewed and assessed by the Subject Coordinator.

Students will be evaluated on:
  • Regular participation in forum activities

  • Understanding of the topic

  • Use of supporting evidence

  • Written expression

  • Constructive engagement in conversations to build learning community













CriteriaHDDICRPSFL
Participation, understanding, evidence, writing, engagementContributed to every forum discussion in a meaningful way. Posts demonstrate a deep understanding of the content, well supported by evidence. Posts are clear and well written, leading discussions.Frequent participation in forum discussions, demonstrating a good understanding of the content, supported by evidence. Posts have few errors and promote discussion.Regular participation, demonstrating sound understanding of the content. Some comments lack detail and/or depth, and may contain minor errors.Regular participation, demonstrating understanding of the content. May contain significant errors.No regular participation or contribution to the learning community, no demonstration that the content has been understood.




Presentation



Forum posts will be delivered through the respective tools on the Interact site for the course.





Assessment item 2


Assessment Item 2


Value: 25%

Due date: 26-Aug-2016

Return date: 19-Sep-2016


Submission method options

Alternative submission method



Task



Examine the following case study:
http://www.finance.nsw.gov.au/ict/resources/nsw-government-digital-information-security-policy

1. Use a diagram (produced by the means of using Rationale, Visio or any other relevant software application of your choice) to illustrate current security risks and concerns considered by the NSW government.

2. Provide detailed explanation of the diagram and identify the areas of: high, medium, medium-low, and low risk exposure.

3. Carry out comparative analysis of the Deliberate and Accidental Threats and rank those threats in order of importance. Justify your rankings not only on the basis of the case study but also by the means of doing further research and drawing upon other relevant case studies (e.g. Security guidelines for other private and public organizations) that you can identify.

4. While drawing upon theories, tools and patterns covered in the subject (e.g. ‘’thinking in zones’’ concept) as well as your own research, explain the challenges that the NSW government is going to face while deciding on whether security/risk management should be carried out internally or externally (e.g. via outsourcing).

5. Explain the difference between the concepts of ‘’Risk’’ and ‘’Uncertainty’’ (make sure that your discussion is linked to the case considered).

6. Discuss and evaluate (with examples) different approaches available to the NSW government for risk control and mitigation.




Rationale



To demonstrate your understanding of:

• the principles of information security management;
• the eight rules of security;
• the application of security management principles to real-world examples;
• the principles of security risk management.




Marking criteria












































CriteriaHDDICRPSFL
Question 1 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 2 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 3 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 4 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 5 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 6 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.




Presentation



Note: Marks will be deducted for poor spelling and grammar or incorrect referencing style:
Incorrect or poor spelling and grammar (up to -5 marks)

Incorrect use of APA referencing style (up to -5 marks)





Assessment item 3


Assessment Item 3


Value: 25%

Due date: 23-Sep-2016

Return date: 08-Feb-2016


Submission method options

Alternative submission method



Task



Consider the following Case study:
http://www.enisa.europa.eu/activities/risk-management/evolving-threat-environment/enisa-threat-landscape/enisa-threat-landscape-2014

And answer the following Questions: (2.5 marks each)

1) Provide a brief overview of the case study.
2) Prepare a diagram for the ENISA security infrastructure.
3) Identify strategies for combatting Insider Threats.
4) Out of the ‘’Top threats’’ which threat would you regard to be the most significant and why?
5) Identify and discuss the key Threat Agents. What could be done to minimize their impact on the system?
6) Provide a brief summary (literature review) of Social Hacking issues.
7) Based on the data provided in Table 2, discuss the trends in threat probability.
8) How could the ETL process be improved? Discuss.
9) Based on Table 10 and your own research, identify and discuss threats that (in your opinion) will be most challenging for ENISA to combat in the year 2016 onwards.
10) To sum up, should ENISA be satisfied with its current state of IT Security? Why? Or Why not?



Rationale



To demonstrate your understanding of:

• the principles of security risk management; and
• the application of risk management principles to real-world examples.




Marking criteria




































































CriteriaHDDICRPSFL
Question 1 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 2 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 3 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 4 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 5 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 6 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 7 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 8 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 9 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.
Question 10 - Correctness, explanation, figures, grammarAnswer is correct, and complete. Comprehensive explanation is provided with appropriate example. Figures (if appropriate) were used and. Appropriate reference style is used. No grammatical or spelling mistake.Answer is correct and a detailed explanation is provided. References are used. No/only a few grammatical or spelling mistakes.The answer is correct, but the explanation is not complete. Very few references are used and not formatted appropriately.The answer is correct but not complete and only adequate explanation is provided. No references are used. There are grammatical errors and spelling mistakes.The answer is not fully correct and not complete and not adequate explanation is provided. No references are used. There are many grammatical errors and spelling mistakes.




Presentation


  • Assignments are required to be submitted in either Word format (.doc, or .docx), Open Office format (.odf), Rich Text File format (.rtf) or .pdf format. Each assignment must be submitted as a single document.

  • Assignments should be typed using 10 or 12 point font. APA referencing style should be used. A reference list should be included with each assessment item.

  • All diagrams that are required should be inserted into the document in the appropriate position. Diagrams that are submitted in addition to the assignment document will not be marked.





Assessment item 4


Assessment Item 4


Value: 40%

Due date: 12-Oct-2016

Return date: 03-Nov-2016


Submission method options

Alternative submission method



Task



The final assessment for ITC 596 is to deliver an IT Risk Assessment Case Study in support of a significant technology decision that is to be taken by a fictional company called Aztek that operates in the Australian Financial Services sector.

Senior executives in both business and technology divisions within Aztec have collected a portfolio of projects from their respective strategists that could be potentially funded for deployment. The portfolio includes projects such as:

• Allowing employees to bring their own devices (laptops, tablets and mobile phones for example) into the workplace to be used as their main or sole devices in achieving their work tasks.

• Migrating business-critical applications and their associated data sources to an external Cloud hosting solution.

• Outsourcing key IT functionality such as the network, desktop management or application development to a third party.

• Upgrading or introducing a major technology such as mobile platforms and applications, migrating to an improved networking technology (such as IPv6), creating a corporate-wide email archive for compliance purposes, or upgrading applications and desktop operating systems.

Each of these potential projects carries significant IT risks which will need to be managed to support the business case as to whether the project should go forward. In this case study, you are the IT Risk Assessment lead at Aztek, and your role is to be the interface between business stakeholders and technologists, translating potential technical difficulties into risk language to facilitate effective decision-making by stakeholders.

For the Aztek case study you will need to select one of the projects from the list above for a thorough IT Risk Assessment. You may select another project beyond those listed above with the approval of the subject coordinator, and you may wish to select a project that is relevant to your workplace for example.

Your deliverable for this ITC 596 Case Study is an IT Risk Assessment report, written for the intended audience of Aztek management providing a risk assessment of the project you have selected to consider.

Your report must be a Microsoft Word document, 15 – 25 pages in length at 12 point font and single spacing. The report must address the following criteria:

• An Executive Summary at the beginning of the report which provides a clear statement of the IT technology project that is being assessed, and an overview of your recommendations to Aztek management as to the merits of the project based on your risk assessment (2 – 3 pages in length).

• A review of the project with respect to the Financial Services sector, which would include any relevant government or industry regulation or compliance, and any established best practices (2 – 3 pages in length).

• A review of the project impact on the current security posture of Aztec, as expressed by its current maturity against IT Security policies and procedures (3 – 5 pages in length).

• A risk assessment based on threats, vulnerabilities and consequences derived from an IT control framework and any existing industry risk recommendations for the project. For example, there are several consortia for Cloud Computing that have created IT Risk Assessments for this technology (4 – 10 pages in length).

• Specially address risks for Data Security from the viewpoint in the project of what data will be used, who will have access to the data and where will the data flow (2 – 4 pages in length).



Rationale



• To assess that the student has a holistic grasp of IT Risk Assessment techniques and issues, which can then be applied to produce valuable support for decision-makers.

• Develop an IT Risk Assessment opinion from both a bottom-up perspective of assessing controls, threats and vulnerabilities, and translate these findings into business risk language.

• Deliver an IT Risk Assessment based on a proposed business project that required technical risk to be assessed and managed.



Marking criteria














CriteriaHDDICRPSFL
Completeness, purpose, meaning, formatting, grammarThe report addresses all the stated sections in detail, with a common meaning and purpose flowing through the sections, leading to an authoritative conclusion, in a well-formatted document written without grammatical errors.The report addresses all the stated sections in detail, a common meaning and purpose flowing through the sections, leading to a convincing conclusion, in a well-formatted document written without grammatical errors.The report addresses all the stated sections in detail, leading to a convincing conclusion, in a well-formatted document.The report addresses all the stated sections, leading to a plausible conclusion.The report does not or limited addresses all the stated sections, leading to a plausible conclusion.

• (15%) Executive Summary – clear risk-based opinions that business stakeholders understand and can be used directly for decision-support

• (15%) Financial Services sector review – clear perspective to business stakeholders on similar projects in their sector, and any relevant regulation

• (20%) Security posture review – clear assessment of the project’s impact on current security posture in terms of changes to the posture and the required mitigation actions to remain at an acceptable posture.

• (30%) Threats, vulnerabilities and consequences assessment – demonstrate that the specific changes introduced by the project have been assessed systematically assessed according to lists and frameworks for threats, vulnerabilities and controls.

• (20%) Data Security – demonstrate the data flows associated with the project have been identified, assessed against policies and any risks mitigated.




Presentation


  • Assignments are required to be submitted in either Word format (.doc, or .docx), Open Office format (.odf), Rich Text File format (.rtf) or .pdf format. Each assignment must be submitted as a single document.

  • Assignments should be typed using 10 or 12 point font. APA referencing style should be used. A reference list should be included with each assessment item.

  • All diagrams that are required should be inserted into the document in the appropriate position. Diagrams that are submitted in addition to the assignment document will not be marked.



Comments