COIT20263 Information Security Management - Assignment 2

You might also like

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 5

Need this or a similar Assignment


Whatsapp/Call: +91-9502220077

COIT20263 Information Security Management (Term 1, 2017)

Assessment Item 2Practical and Written Assessment
Due date: 11:30pm AEST, Friday, Week 7 ASSESSME

Weighting: 35%

Length: 2000 words (500 words)


This assessment task can be undertaken in a group of up to 4 members or individually. Each
group/student will analyse the scenario given on page 3, and develop and document the specified
Issue Specific Security Policy (ISSP) for the organisation.

Assessment criteria
The students are assessed against their ability to analyse the given scenario and develop the specified

The marking criteria for Assessment Item 2 are provided on page 4.Students need to familiarise
themselves with the marking criteria to ensure that they have addressed them when preparing the
document for this assessment item.

Assessment Task
Each group/studentis required to analyse the scenario given on page 3 and develop a Use of Personal
Digital Devices Policy for the organisation described in the scenario.
The ISSP should include:

1. Statement of Purpose
2. Authorised Uses
3. Prohibited Uses

4. Systems Management
5. Violations of Policy
6. Policy Review and Modification
7. Limitations of Liability

You also need to include a section containing the justification of the contents of your policy as well as
any assumptions that you have made.

Note:Each student in the group needsto upload the ISSP document of their group to Moodle. You
must follow the Harvard citation and referencing guidelines when writing the ISSP document and
include a reference list.
Please do not include an executive summary, a table of contents, an introduction or a conclusion.
Please use the Template for Your Answers Section of this document and upload only that template.

Check the unit website at least once a week for further information relating to this assessment task.
Please ensure that you write your answers in your own words to avoid possible plagiarism and
copyright violation. You can understand the Plagiarism Procedures by following the corresponding
link in the CQUniversity Policies section of the Unit Profile.

To be submitted online through the COIT20263 Moodle unit website assessment block on or before
the due date.

The Scenario for Information Security Management Assessment Tasks

Auto-fishing Group (AG) is a cooperative society of fishermen in Tasmania establisheda year ago. AG
was established to increase the fish yield of its member fishermen and supply the fish to the
consumers as quickly as possible at a reasonable price. Using sophisticated technology, including
Unmanned Aerial Vehicles (UAVs), the fishermen locate the schools of fish suitable for consumption
without catching them indiscriminately and thereby reducing over fishing. AG directly supply the fish
from the fishermen to the customers without an intermediary. To this end, AG has its own vehicles,
ten distribution centres along the coast of the state and three distribution vehicles at each distribution
centre. Each fisherman will be affiliated to a distribution centre.

AG operates from a small office in Hobart. When a customer places an order using the application of
AG or over the phone, the order is processed using a proprietary software program of AG. By using
this software, AG is only be able to receive the optimum quantity of fish from the fishermen on time
but also be able to deliver the order to the customers quickly. This whole process is automated with
the help of on-board computers on the distribution vehicles connected to the office of AG and the
mobile devices of the fishermen.

The fishermen can get connected to the Internet and post questions to online forums. AG also has an
online banking society that provides most of the main banking facilities of other banks to its member

AG also has a marine and fisheries training centre in Hobart. The centre has a managing director, a
secretary and two instructors. There are 20 students at any time in the training centre, participating in
the classes. The instructors can show the students the live videos of fish shoals and schools as well as
the techniques used by the fishermen. The network of the training centre is a part of the network of
AG. AG needs the guarantee that their proprietary application, and various data and information in
their information system are secured.

After the success in Tasmania, AG expanded its services to fishermen and customers in Victoria as

As the society was established last year, the information security policies have not yet been
developed. The society is now in the process of developing a comprehensive set of information
security policies for its information system.
Note: This scenario was created by Dr Rohan de Silva on 10thDecember 2016 and no part of this scenario should be reproduced by any
individual or an organisationwithout written permission from CQUniversity, Australia.

Marking Criteria
Section Max Mark Mark
6 5.1 4.8 4.5 4.2 3.9 3.6 3 2.7 0
Not clear and most
Some assumptions Most assumptions
Assumptions Listed all assumptions. assumptions All assumptions missing. 6
missing. missing.
3 2.55 2.4 2.25 2.1 1.95 1.8 1.5 1.35 0
Not clear but
Contained all information Had too brief or Not clear and most
Statement of Purpose Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
Not clear but
Contained all information Had too brief or Not clear and most
Authorised Uses Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
Not clear but
Contained all information Had too brief or Not clear and most
Prohibited Uses Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
Not clear but
Contained all information Had too brief or Not clear and most
Systems Management Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
Not clear but
Contained all information Had too brief or Not clear and most
Violations of Policy Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
Not clear but
Contained all information Had too brief or Not clear and most
Policy Review and Modification Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
Not clear but
Contained all information Had too brief or Not clear and most
Limitations and Liability Contained all information in detail. contained most 3
but not enough detail. missing information. information missing.
6 5.1 4.8 4.5 4.2 3.9 3.6 3 2.7 0
Not clear but
Focussed and contained all Focussed and contained Focussed but some Not clear and most
Justification contained most 6
information in detail. but not enough detail. information missing. information missing.
2 1.7 1.6 1.5 1.4 1.3 1.2 1 0.9 0
Not all references are
All references are listed according to Many references No or incorrect reference
References A few referencing errors. listed but correctly 2
Harvard reference style. missing list..

COIT20263 Information Security Management - Assessment Item 2 (Term 1, 2017)

Names and student numbers of group members:

Mark Mark
Use of Personal Digital Devices Policy
allocated earned
Assumptions 6
1 Statement of Purpose 3

2 Authorised Uses 3

3 Prohibited Uses 3

4 Systems Management 3

5 Violations of Policy 3

6 Policy Review and Modification 3

7 Limitations of Liability 3

Justification 6
References 2
Late submission penalty
Plagiarism penalty
Total 35


You might also like