Assignment Brief : Read the Following Scenario (P4, P5, P6, M3, D2)

Total Page:16

File Type:pdf, Size:1020Kb

Assignment Brief : Read the Following Scenario (P4, P5, P6, M3, D2)

Btec National Diploma Extended Advanced Diploma for IT Practitioners Unit Organisational Systems Title Assignment 2 7 Security

Castle College, Nottingham Computing National Diploma for I.T. Practitioners

Unit Leader Dave Bell

Assignment 2 04/01/2011

To be completed by the student Students Name:

To be completed by the student Students signature This submission is the result of my own work. All help and advice other than that received from tutors has been acknowledged and primary and secondary sources of information have been properly attributed. This submission is the result of group / collaborative work as allowed in the assignment criteria or agreed with the lecturer. All people involved in the collaboration have been identified on the title sheet of the work and any specific section of work that is solely the work of one individual is clearly identified.

Comments: To be completed by the tutor

Assessed by Date assessed Btec National Diploma Extended Advanced Diploma for IT Practitioners Unit Organisational Systems Title Assignment 2 7 Security

Assignment Brief : – Read the following scenario (P4, P5, P6, M3, D2)

The documents that you created for Your-Tech on various security issues have been added to the company website. They have been well received by the company’s customers, but they have also raised further questions. Yesterday the company managing director (MD) received an email from one of your customers, who is also a personal friend of the MD:

‘Hi, I would like to follow up on the chat we had on the golf course last week about computer security. I wonder if you could come to our next board meeting and give a presentation on the following topics:

 Tools and policies we can use to manage computer security issues  How we can use staff employment contracts and company codes of conduct to help keep our systems secure  Review of required legislation for security and privacy of data  Guidelines to Ethical Decision making

In addition we need to decide what security polices we should have in our company. Please also provide suitable documents to explain the reasons for each possible policy so that we can justify their use within our company. If possible could you also provide some examples of other organisations’ policies to provide us with some guidelines as to what is required.

Tasks

The MD has asked you to prepare an illustrated report to cover the above points that he can present at the board meeting. He has also asked you to see if you can find a set of security policies used in another organisation. For example, you could find a copy of the security polices (network or internet usage) used in the college or school you attend and write an explanation of why each rule or policy has been included.

You must attribute the sources of your research appropriately.

Task 1 (P4, P5, P6)

List the various tools and security policies that an organisation may adopt. Explain in more detail the characteristics of each of the policies related to an organisation’s ICT security issues. Codes of Conduct for the following should be explained and accompanied by some sample policies (appendix) where stated. Email Usage policy (example) Internet Usage policy (example) Software Acquisition & Installation policy (example) User Area Usage policy Account Management policy (P4) Btec National Diploma Extended Advanced Diploma for IT Practitioners Unit Organisational Systems Title Assignment 2 7 Security

In addition explain how employment contracts can be used to affect security issues considering the following: Hiring policies Separation of Duties Disciplinary procedures Training and Communication with staff as to their responsibilities (P5)

Review the appropriate legislation to show that you understand the reasons behind that legislation. Provide details of how licensing agreements should be used to meet Copyright requirements. These policies should allow an organisation to employ and train the right staff to understand the acceptable use of the organisation’s IT equipment. (P6)

Reference can be made to sample policies that should be attached in the appendices.

Task 2 (M3)

Review the legislation for Freedom of Information and how it affects personal privacy. Consider examples of data collected for phone books and street maps (incl. Google) Comment on some examples of ethical decision making based on examples provided. Review and comment on the IMIS Code of Ethics. (M3)

Task 3 (D2)

You are asked to assess what is acceptable behaviour in today’s IT industry and to link that to security polices to enforce that behaviour. Read the policies of the linked professional bodies and determine what they consider to be acceptable behaviour. Evaluate the usefulness of the leading professional bodies (your own opinions!) and show how they have an impact on the security policies in use in the IT industry today. Provide a suitable evaluation document to complete your assignment tasks. Consider all the policies employed by your college and evaluate their effectiveness.

All assignments should be submitted in the correct portfolio format by the required deadline and checked fully for spelling and grammar. Your portfolio should have a title page and a contents page with suitable subsections and page number referencing.

Functional Skills – Level 2

Use appropriate search techniques to locate and select relevant information researching into security matters ICT – Developing, presenting and Combine and present information in ways that are fit for purpose and audience explaining encryption techniques and ethical decision making. Btec National Diploma Extended Advanced Diploma for IT Practitioners Unit Organisational Systems Title Assignment 2 7 Security

1st Marking Date:______Feedback

Grading Criteria e s d k e m s v o a To achieve the indicated e i c Feedback comments T t h grade there must be u c O evidence showing: A

Explain the policies and P4 1 guidelines for managing organisational IT security issues Explain how employment P5 1 contracts can affect security Review the laws related to P6 1 security and privacy of data. Explain the role of ethical M3 2 decision making in organisational IT security. Evaluate the security policies D2 3 used in an organisation Btec National Diploma Extended Advanced Diploma for IT Practitioners Unit Organisational Systems Title Assignment 2 7 Security

2nd Marking Date:______Feedback

Grading Criteria e s d k e m s v o a To achieve the indicated e i c Feedback comments T t h grade there must be u c O evidence showing: A

Explain the policies and P4 1 guidelines for managing organisational IT security issues Explain how employment P5 1 contracts can affect security Review the laws related to P6 1 security and privacy of data. Explain the role of ethical M3 2 decision making in organisational IT security. Evaluate the security policies D2 3 used in an organisation

Recommended publications