Professional Documents
Culture Documents
Col e 004653 MSCP Com079
Col e 004653 MSCP Com079
Edexcel No
Fine
Email-Address wkushan99@gmail.com
Contact No 0714069550
Herewith I agree for the given terms and conditions on plagiarism & Academic dishonesty also I declare the
work submitted doesn’t breach these regulations.
Note: Keep the softcopy of the assignment with you until the official results released by ESOFT. ESOFT has all rights to request the softcopy
again at any time.
wkushan99@gmail.com 12/01/2019
Signature Date
Student’s name
List which assessment Pass Merit Distinction
criteria the Assessor has
awarded.
INTERNAL VERIFIER CHECKLIST
• Constructive?
Y/N
• Linked to relevant assessment
criteria? Y/N
Give details:
Internal Verifier
Date
signature
Programme Leader
Date
signature (if required)
LO4. Create and use a Test Plan to review the performance and design of a multipage website.
Pass, Merit & Distinction P7 P8 M5 D3
Descripts
Resubmission Feedback:
Important Points:
1. Check carefully the hand in date and the instructions given with the assignment. Late submissions will not be
accepted.
2. Ensure that you give yourself enough time to complete the assignment by the due date.
3. Don’t leave things such as printing to the last minute – excuses of this nature will not be accepted for failure
to hand in the work on time.
4. You must take responsibility for managing your own time effectively.
5. If you are unable to hand in your assignment on time and have valid reasons such as illness, you may apply
(in writing) for an extension.
6. Failure to achieve at least a PASS grade will result in a REFERRAL grade being given.
7. Non-submission of work without valid reasons will lead to an automatic REFERRAL. You will then be asked to
complete an alternative assignment.
8. Take great care that if you use other people’s work or ideas in your assignment, you properly reference
them, using the HARVARD referencing system, in you text and any bibliography, otherwise you may be guilty
of plagiarism.
9. If you are caught plagiarising you could have your grade reduced to A REFERRAL or at worst you could be
excluded from the course.
I hereby, declare that I know what plagiarism entails, namely to use another’s work and to present it as my own
without attributing the sources in the correct way. I further understand what it means to copy another’s work.
wkushan99@gmail.com 29/12/2018
Student’s Signature: Date:
(Provide E-mail ID) (Provide Submission Date)
Unit Tutor
Issue Date
Submission Date
Submission Format:
The submission is in the form of an individual written report. This should be written in a concise, formal
business style using single spacing and font size 12. You are required to make use of headings, paragraphs
and subsections as appropriate, and all work must be supported with research and referenced using the
Harvard referencing system. Please also provide an end list of references using the Harvard referencing
system.
LO1 Establish project aims, objectives and timeframes based on the chosen theme.
LO2 Conduct small-scale research, information gathering and data collection to generate knowledge to
support the project.
LO3 Present the project and communicate appropriate recommendations based on meaningful
conclusions drawn from the evidence findings and/or analysis.
LO4 Reflect on the value gained from conducting the project and its usefulness to support sustainable
organizational performance.
Management Information Systems (MIS) plays a very important role in today’s organizations; it creates
an impact on the organization’s functions, performance and productivity. A Management Information
System (MIS) ensures that an appropriate data is collected from the various sources, processed and send
further to all the needy destinations. A system is expected to fulfill the information needs of an individual,
a group of individuals, management functionaries, managers and top management to improve efficiency
and productivity.
On contrary, any system can be compromised with vulnerability issues. This is mostly in area of
confidentiality, integrity and availability (security triangle).
You’re advised to provide solutions for improvements for a selected Management Information System’s
in a selected organization in the area of how to improve aspects of confidentiality, integrity and
availability (security triangle) through a vulnerability study assessment.
You should investigate the causes and impacts of vulnerabilities within computing systems and explore
the solutions to the problems presented in order to make recommendations to improve their security for
Management Information System. The expected solution of the project is a vulnerability assessment and
action plan which includes, issues of varying severity.
In general, the vulnerability assessment may focus on a test of security infrastructure devices, network
servers, operational systems (including Windows and Linux), physical security of buildings, and wireless
internet security. You have to mainly focus on how can vulnerabilities in an existing system be identified
and counteracted.
Discover unknown entry points both physical and electronic – that is threat to the overall
confidentiality, integrity, and availability of network data and resources.
Problem can be discovered in the areas of installing, configuring, and maintaining servers and
infrastructure equipment as well as practices of different department managers and staff tend to
have different ways of managing their IT.
Recommendations for standardization of upcoming infrastructure installations, configurations, and
maintenance.
Educate and increase user awareness on what they could change to improve their security situation
in order to build confidence of using the Management Information System
An action plan to keep their environment secure.
Your role as a student researcher means that you are not trying to perform a specific solution to any
vulnerability problem case. You have to make expert recommendations on how to tighten security
controls, based on a proven assessment methodology, that are in the best interest of the specific project
of Management Information System which may eliminate unnecessary entry points that would greatly
reduce the threat. Introducing of a set of policies and procedures for the entire Management Information
System help eliminate threats through network entry points and infrastructure. The vulnerability trends
and recurring issues that needed careful attention. The project span 03 months in order to provide an
accurate snapshot of their current security posture.
The benefit of the project is that it provides a greater awareness among the entire staff about how any
vulnerability or weakness in any functional area affects the overall security posture of the Management
Information System at large. You are required to provide a full report on vulnerabilities you found and
how you educate the Management Information System staff on what they could change to improve their
TASK – 01
1.1 Describe aims and objectives for vulnerability assessment project which you’re introducing. Your
explanation should include a brief introduction about the company, the MIS and other relevant
information to the assessment project.
1.2 Produce a comprehensive project management plan, The plan should include milestone schedule
and project schedule for monitoring and completing the aims and objectives of the project that
includes cost, scope, time, quality, communication, risk and resources management.
1.3 Produce a work breakdown structure and a Gantt Chart to provide timeframes and stages for
completion.
TASK – 02
2.1 Explain qualitative and quantitative research methods appropriate for meeting project aims and
objectives which you produced as vulnerability assessment project.
2.2 Evaluate the project’s management process and appropriate research methodologies applied, the
accuracy and reliability of different research methods applied for the small scale research
TASK – 03
3.1 Analyze research data using appropriate tools and techniques.
3.2 Describe appropriate recommendations as a result of research and data analysis to draw valid and
meaningful conclusions.
3.3 Evaluate the selection of appropriate tools and techniques for accuracy and authenticity to support
and justify recommendations.
TASK – 04
4.1. Provide a reflection on the value of undertaking the research to meet stated objectives with your
own learning and performance which includes a discussion of the project outcomes, its
usefulness to support sustainability of the given organization and its’ performance, the decision-
making process and changes or developments of the initial project management plan to support
justification of recommendations and learning during the project.
4.2. Evaluate the value of the project management process and use of quality research to meet stated
objectives and support own learning and performance
Kushan Wijerathne
COL/E-004653
The success and final outcome of this assignment required a lot of guidance and assistance from many
people and I’m extremely fortunate to have this all along the completion of the assignment work. Whatever
I have done so far is due to such guidance and assistance and I would not forget to thank them. I respect
and thank Ms. Anne Sumudu for giving me an opportunity to do this assignment work and providing me
all support and guidance which made me complete the assignment on time, I am extremely grateful to him
for the support throughout the course. MSCP takes an important place in this semister because it covers a
vast area of knowledge and it helps you to rectify errors that you make more often in managing a project. I
am really grateful because we managed to complete this assignment within the given time frame. Even
though we faced some issues in between the semester with lecturers we managed to do it successfully. I
can’t forget my friends who helped me in every way. Last but not least I would like to express my gratitude
to Esoft Metro Campus for the opportunities and teaching techniques that help every student to mold their
cooperate life.
1.1
Vulnerability Assessment
Vulnerability assessment is an important way of recognizing vulnerabilities in the system or application
Their filtering analyzers use them to control target frames and identify potential attack agents, deficiencies
and crossing points, while heads use them to identify already vague or unknown vulnerabilities that may
affect their security base.
For all vulnerability assessments, it is necessary to gather a summary of the potential vulnerabilities that
indicate the relative levels of risk. In this way a linking effort can put its needs to face the dangers it
encounters.
Company Description
The Kalutura Urban Council (KUC) is the local authority for Kalutara in the province of Kalutara in the
western province of Sri Lanka established in 1878. KUC is responsible for providing a variety of local
public services, including roads, sewers, sewers, homes, libraries, public parks and recreation areas.
Currently their managing assessment information through a system
The Management Information System (MIS) is a data framework used for basic initiatives and for
coordinating, managing, inspecting and impressing data in associations. Affiliated organizations can think
of different destinations and gather before they come across a risk and vulnerability assessment. These
goals and target sections may be the intended consequences of compliance should be an indication of new
laws, mandates and information security. Security as a means of setting up and assets of information
technology is essentially underlined rather than expectation, area and response. By combining a sound and
wide-ranging security process and an enthusiastic IT security plan and structure, relationships can be
created to ensure the security of IT facilities and assets, as indicated by the key satisfactory risk or the level
of introduction of the relationship.
for
Vulnerability assessment of UC
Kalutara
Version 1.0
Introduction
The project plan combines information on personnel, expenditure planning, timing, deadline, goal and
assessment. It gives further guidance on both personal and social goals of opportunities and how all aspects
of the regulation should be done. As a technique for progress is complemented as a guide to the way a free
effort works, a business plan points to the exploitation of the business.
Scope
We will complete a risk assessment of the Management Information System (MIS) through this project,
identifying and strengthening complex objectives in every aspect, such as classification, dignity and
access. At the end of this task, we have approved the difficulty of managing management and have issued a
suitable arrangement for the MIS staff on specific security arrangements to change the activities to
maintain their environment safely.
Milestones
Finding a company.
Planning and preparation for the meeting
Schedule the meeting and arrange a local visit
Review the process, documents and related drawings and diagrams
Create a full complete check list.
A billing report has been designed for analysis of the field data by visiting the site.
Grant full approval from the responsible party for preparing the final report.
The risk window can be identified according to the acceptable tolerance of the organization, which is
at risk for the risk.
Determine the vulnerability at the network.
New Risk and Risk can be assessed with new Information Security Laws, Regulations and
Regulations
There are flaws or gaps in the information frame of the organization.
1.3
Work Breakdown Structure
Project Management and System Engineering-the work-breakdown structure, the direction of the project
into smaller components. A team project is a project breakdown structure for managing tasks. The
PMBOK 5 (Project Management Body of Knowledge) defines the design breakdown structure.
"Hieroglydifferency in the project group in the project team to provide the required projects for the
achievement of project objectives." Work-breakdown structure is an element, product, data, service or any
combination. Providing guidance and guidance for the WBS Scheduling and Controlling the framework for
oversight and control
Focus groups
If you choose to have a group discussion with a selected person, select five or more
participants. For a discussion of a number of predefined topics, a moderator is required to
guide. The true capability of the team of the accuracy team through any dialogue will be the
true and correct answer of the targeted delegated representatives.
Qualitative research will help customers and the public to understand. A good quality research
the project manager knows what the employees think about the system. That's why employees
have a lot of questions at the system. In the section below, as the manager of the project, I have
tried to answer some of employees and unrelated systems.
Survey Strongly Agree Neutral Disagree Strongly
Question agree 1 2 3 4 disagree 5
Bios is safe
with
administrator
password?
Can
privileged
users be able
to restart only
their servers?
Are there
routers and
portals on the
system?
Is there a
Quantitative research
Quantitative market research is more structured than qualitative research because of its
statistical nature.
Small businesses that are explicit in quantitative research will be able to provide an accurate
picture of their target market. Sample responded samples give a list of mainly closed
questions for selecting and answering a sample of the sample. These closed questions can
provide answers, respond to business, and quickly decide on preferences.
Quantitative research may be based on paper - like postal surveys or computerized - online
surveys or phone calls. All the quantities of samples; Response for a specific area should be
minimally responded, and 100 responses are said to be of low quality. Reliable quantitative
data will require large sample sizes.
The objective of the project is to find the vulnerabilities of the assessment management
system. As a project manager, the best and best research method will be found to find the right
market for local authority. Assessment management system research by local authority has
given as follows.
Quantitative research can be done through observations, surveys, quizzes, and target groups.
Therefore, as a quantitative research for the local authority, I have conducted a survey method
for the research manager, as a project manager. So I have set up a survey questionnaire. 10
based on and on a Likert scale –
VULNERABILITY ASSESSTMENT QUESTIONAIRE
Name:
Department:
Designation:
Phone Number:
Email Address:
5. Has your local authority ever tested its network for vulnerabilities or performed a risk
assessment?
a. Yes
b. No
6. Are the staffs trained to identify unnecessary adware?
a. Yes
b. No
7. Do you have unique credentials for your access to the system?
a. Yes
b. No
8. Have you saved your credentials for access to the system in the browser?
a. Yes
b. No
9. Does your local authority have a confidential agreement with the development team of the
system who has the access to the server?
a. Yes
b. No
c. May be
10. Does the third party get remote access?
a. Yes
b. No
c. May be
16. Can employees access to other web sites using the laptop/PC?
a. Yes
b. No
c. Some
17. What is the process of printing a document?
Bar graph
In line
In the histogram
Pie Chart
Pie demonstration can be used for skill test to test the experimental results. When you need to
make a difference and require a specific dependency on one variable, you can share sufficient
and productive data. By all due respect, I used a pin to show my specific results.
Cutting down the cutting of the most important cut with a shade of 4-6 cuttings.
Analysis
18. What is the status your computer literacy?
When the screen si not locked, unauthorized person can access to the system through the
computer.
Solution: IT division of Kalutara UC must put screen lock to every machine
22. Has your local authority ever tested its network for vulnerabilities or performed a risk
assessment?
As most of them have medium computer literacy, it is hard thing to find an unnecessary
adware. In their IT section, they do not have knowledge also
Solution: Scheduling workshops
24. Does your local authority have a confidential agreement with the development team of the
system who has the access to the server?
Development team can access to the system or server using Remote Desktop Connection or
Team Viewer. But the threat is the passwords which are using to login are not recurring. There
for anyone who has connected before can reconnect again without any acknowledge of Urban
council.
Solution: Using recurring passwords
26. Does your firm require passwords or pins for mobile devices that can access company
email or systems?
Human Resources: System requires human resources to acquire competitive advantages in the
UC. From my own experience in the recent Corporate Social Responsibility Project, I
recommend refinancing the UC's improved human resources to the UC that meets this program
time and budget limit
Full budget: Accountant needs resources to complete a program. The UC has to prepare an
adequate budget for system initiatives so that the program is easy to implement.
Customized Product: The main feature of the quality products is the consumer 's product
.Kalutara urban council also requires customer needs for customers.
3.3
Data analysis requires a number of intimate relationships, and requires the classification of
categories, types of categories, data types, raw data, creating tables, and creating relationships.
After summarizing, the analysis is usually based on the various sizes of the calculations. It is
ugly, such as the use of clearly defined statistical statements. In analysis, it is important to
determine that it is possible to determine whether it is possible to determine whether the
relationship between conflicting or conflicting differences can occur between the original
hypothesis or the new assumption. Data analysis and submission data plays an important role.
Projected results are the only reliable source for forecasting results. Therefore, it is important to
analyze the collection of data. Therefore, incorrect data can misidentify you by the
organization, but it can be directly submitted to you accurately and accurately. Therefore, it is
wise to select a data collection method according to the expected situation of the project and
targeted varieties. As researchers, a system was selected for managing questionnaires. Select a
group of respondents representing different fields of the organization.
4.2
The best way to find out the security risks involved in the present infrastructure of the testing
method used by the Kalutara UC is Qualitative and quantitative research was done efficiently to
fulfill the objectives of the project. As the city council decided to know the current technology
of access to existing technologies, the aforementioned repository was studied to fulfill the
project manager's project requirements. Quantitative research has revealed that employees'
ideas are more effective in working with newer technologies, but provide insights into the
current UC status and level of security that have helped to get it through quality surveys. A
PROJECT LOG
SHEET.docx
REFERENCES
1. Tomczyk, C. (2011). Project Manager's Spotlight on Planning.