Docstoc

Unit 7 - Organisational Systems Security Assignment 2 ... - Wikispaces

Document Sample
Unit 7 - Organisational Systems Security Assignment 2 ... - Wikispaces Powered By Docstoc
					 Btec National Diploma Extended Advanced Diploma for IT Practitioners
 Unit Organisational Systems      Title Assignment 2
  7   Security


                               Castle College, Nottingham
                                            Computing
                               National Diploma for I.T. Practitioners


Unit Leader       Dave Bell
Assignment 2      04/01/2011




 To be completed by the student
 Students Name:



 To be completed by the student                              Students signature
 This submission is the result of my own work. All help
 and advice other than that received from tutors has been
 acknowledged and primary and secondary sources of
 information have been properly attributed.
 This submission is the result of group / collaborative work
 as allowed in the assignment criteria or agreed with the
 lecturer. All people involved in the collaboration have
 been identified on the title sheet of the work and any
 specific section of work that is solely the work of one
 individual is clearly identified.


Comments: To be completed by the tutor




Assessed by                                            Date assessed
 Btec National Diploma Extended Advanced Diploma for IT Practitioners
 Unit Organisational Systems          Title Assignment 2
  7   Security

Assignment Brief : – Read the following scenario (P4, P5, P6, M3, D2)

The documents that you created for Your-Tech on various security issues have been added
to the company website. They have been well received by the company’s customers, but
they have also raised further questions. Yesterday the company managing director (MD)
received an email from one of your customers, who is also a personal friend of the MD:

‘Hi,
I would like to follow up on the chat we had on the golf course last week about computer
security. I wonder if you could come to our next board meeting and give a presentation on
the following topics:

       Tools and policies we can use to manage computer security issues
       How we can use staff employment contracts and company codes of conduct to help
        keep our systems secure
       Review of required legislation for security and privacy of data
       Guidelines to Ethical Decision making

In addition we need to decide what security polices we should have in our company. Please
also provide suitable documents to explain the reasons for each possible policy so that we
can justify their use within our company. If possible could you also provide some examples
of other organisations’ policies to provide us with some guidelines as to what is required.

Tasks

The MD has asked you to prepare an illustrated report to cover the above points that he
can present at the board meeting. He has also asked you to see if you can find a set of
security policies used in another organisation. For example, you could find a copy of the
security polices (network or internet usage) used in the college or school you attend and
write an explanation of why each rule or policy has been included.

You must attribute the sources of your research appropriately.


Task 1 (P4, P5, P6)

List the various tools and security policies that an organisation may adopt. Explain in more
detail the characteristics of each of the policies related to an organisation’s ICT security
issues. Codes of Conduct for the following should be explained and accompanied by some
sample policies (appendix) where stated.
Email Usage policy (example)
Internet Usage policy (example)
Software Acquisition & Installation policy (example)
User Area Usage policy
Account Management policy
                                                                               (P4)
 Btec National Diploma Extended Advanced Diploma for IT Practitioners
 Unit Organisational Systems          Title Assignment 2
  7   Security

In addition explain how employment contracts can be used to affect security issues
considering the following:
Hiring policies
Separation of Duties
Disciplinary procedures
Training and Communication with staff as to their responsibilities    (P5)

Review the appropriate legislation to show that you understand the reasons behind that
legislation. Provide details of how licensing agreements should be used to meet Copyright
requirements. These policies should allow an organisation to employ and train the right staff
to understand the acceptable use of the organisation’s IT equipment.      (P6)

Reference can be made to sample policies that should be attached in the appendices.

Task 2 (M3)

Review the legislation for Freedom of Information and how it affects personal privacy.
Consider examples of data collected for phone books and street maps (incl. Google)
Comment on some examples of ethical decision making based on examples provided.
Review and comment on the IMIS Code of Ethics.                          (M3)

Task 3 (D2)

You are asked to assess what is acceptable behaviour in today’s IT industry and to link that
to security polices to enforce that behaviour. Read the policies of the linked professional
bodies and determine what they consider to be acceptable behaviour. Evaluate the
usefulness of the leading professional bodies (your own opinions!) and show how they have
an impact on the security policies in use in the IT industry today. Provide a suitable
evaluation document to complete your assignment tasks. Consider all the policies
employed by your college and evaluate their effectiveness.


All assignments should be submitted in the correct portfolio format by the
required deadline and checked fully for spelling and grammar.
Your portfolio should have a title page and a contents page with suitable
subsections and page number referencing.

Functional Skills – Level 2
Use appropriate search techniques to locate and select relevant information researching into
security matters
ICT – Developing, presenting and
Combine and present information in ways that are fit for purpose and audience explaining
encryption techniques and ethical decision making.
 Btec National Diploma Extended Advanced Diploma for IT Practitioners
 Unit Organisational Systems                       Title Assignment 2
  7   Security

1st Marking                                        Date:________________________
Feedback

    Grading Criteria




                                                   Achieved
                                 Outcome
To achieve the indicated                                           Feedback comments



                                           Tasks
grade there must be
evidence showing:

Explain the policies and         P4        1
guidelines for managing
organisational IT security
issues
Explain how employment           P5        1
contracts can affect security
Review the laws related to       P6        1
security and privacy of data.
Explain the role of ethical      M3 2
decision making in
organisational IT security.
Evaluate the security policies   D2        3
used in an organisation
 Btec National Diploma Extended Advanced Diploma for IT Practitioners
 Unit Organisational Systems                       Title Assignment 2
  7   Security

2nd Marking                                           Date:________________________
Feedback

    Grading Criteria




                                                   Achieved
                                 Outcome
To achieve the indicated                                           Feedback comments



                                           Tasks
grade there must be
evidence showing:

Explain the policies and         P4        1
guidelines for managing
organisational IT security
issues
Explain how employment           P5        1
contracts can affect security
Review the laws related to       P6        1
security and privacy of data.
Explain the role of ethical      M3 2
decision making in
organisational IT security.
Evaluate the security policies   D2        3
used in an organisation

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:416
posted:2/28/2012
language:
pages:5