Assessment Cover Sheet
November 24, 2015
| Programme Name: | Bachelor | ||||
| Course Code and Name: | CIS 2103– Principles of Information Security | ||||
| Time Allowed: | 4 Weeks (Week 10 – End of Week 14) | ||||
| Assessment Number: | AT4 – Designing an IS Policy | ||||
| LO/Goals Covered: | LO 03 | ||||
| Special Instructions: |
| ||||
| % of Final Grade: | 15% of the final grade | ||||
| Total Marks Available: | 35 marks. | ||||
| Student Name: | ______________________________ | ||||
| Student Section: | ______________________________ | ||||
| Result: | / 35 ( %) | ||||
| HCT Academic Honesty Policy
| Academic dishonesty will not be tolerated within the HCT. Academic dishonesty includes cheating, plagiarism (copying) or any other attempt to gain an academic advantage in a dishonest or unfair manner. Breaches of the Academic Honesty Policy will result in dismissal from HCT | ||||
| |||||
In this Project, each group of students is required to choose a company and understand the security requirements based on the nature ofits business. They need to use the collected information about the company to design a suitable Information Security Policy.
Each group needs to deliver a status report of what they have finished/are doing on a weekly basis. Members of each group need to use the following to come up with a good Information Security policy report:
- Good communication skills: when they communicate with companies.
- Good research skills: when they search for suitable IS policies
- Good analytical skills: when they study the company and find out the most suitable EISP and ISSP
- Good writing skills: when they write the required sections in their report
The designed information security policy must demonstrate the students’ understanding of the chosen business and a comprehensive understanding of the components of both the Enterprise Information Security Policy and the Issue-Specific Security Policy.
The created report should include both the EISP and a number of ISSPs that address 5 different issues that are listed in the following sections.
General information about the Project
- What should I include in the report:
Students are required to include the following sections:
- Section 1: Introduction
- Section 2: Overview of the chosen company
- Section 3: The Enterprise Information Security Policy
- Section 4:Five different Issue-Specific Policies
- Section 5: Conclusion
- Section 6: References
- What should I include in each one of these section?
Following is a summary of what students need to include in each section:
- Section 1: Introduction
Students need to write general information about the project. This may include information about the team members, the way they collected information about the company, which might be a pure research or a real company that has been visited and/or called. It can also include an overview of the sections in the report, and a summary of what is covered in each section.
- Section 2: Overview of the chosen company
In this section, Students need to provide an overview of the company. This may include:What is the nature of business? What is the number of employees? How many branches or locations?How many computers? How many servers? Do they have a data center? If yes, where is it located in the building? How many locations are needed to be Secure Facilities?How many people are working in the security team?
- Section 3: The Enterprise Information Security Policy
In this section, Students need to design the EISP (general policy of the company). This should include the following elements:
- An overview of the corporate philosophy on security
- Information on the structure of the IS organization and individuals who fulfill the IS role
- Fully articulated responsibilities for security that are shared by all members of the organization
- Fully articulated responsibilities for security that are unique to each role within the organization
- Section 3: Five different Issue-Specific Policies
In this section, Students need to compose a single comprehensive ISSP document covering the following five issues:
- Email Security Policy
- Laptop Security Policy
- Wireless LAN Security Policy
- Backup Security Policy
- Physical Security Policy
Each of these policies must contain all the elements that are listed in the textbook page 177.
- Section 5: Conclusion
Students can use this section to summarize the outcomes of their project and give some details on how applying these policies will help the company in general.
- Section 6: References
Students are requested to list the URLs of all the websites they reviewed and used to be able to write there IS policies.
Check list
Before submitting your project, make sure that the following all the following sections arecompleted:
Marking Scheme (Assessment Rubrics)
Name: Student ID:
| Item | Information | Marks available | Marks Awarded |
| Section 1: Project overview |
| 2 | |
| Section 2: Company overview |
| 3 | |
| Section 3: The EISP |
| 5 | |
| Section 4: Five ISSPs |
| 4 | |
| 4 | ||
| 4 | ||
| 4 | ||
| 4 | ||
| Section 5: Conclusion |
| 3 | |
| Section 6: References |
| 2
| |
| Total | 35 | ||
For a custom paper on the above topic, place your order now!
What We Offer:
- On-time delivery guarantee
- PhD-level writers
- Automatic plagiarism check
- 100% money-back guarantee
- 100% Privacy and Confidentiality
- High Quality custom-written paper
