Tutor with responsibility for this Assessment
Jordan Allison is your point of contact for this element of assessment.
Arrangements for submission
Please submit one document online via Moodle:
Your report as a word document.
The requirements for the assessment
You have been employed as a cyber security management consultant to conduct a report (3000 words) which analyses the current stage of a company’s security posture, and to provide recommendations to address the key security risks which the company faces.
You should choose a real small/medium enterprise (SME) to conduct your report on, and you can make some assumptions if some information is not available about the company. It is recommended to conduct interviews with employees of the company to help make your report as real as possible (however, this is not compulsory for the assignment).
The report should be in detail rather than a general discussion about cyber security management and should contain the following sections:
- Introduction: Discuss key security risks which the sector of your organisation faces, and key risks for SMEs.
- Organisational Profile.
- Company Overview/Strategy
- Stakeholders
- Assets (and associated threats)
- Current Policies and Procedure
- Network Diagram
- Risk Analysis: given the organizational profile presented, conduct a risk analysis and identify key risks to be addressed. Use frameworks such as FMEA, FAIR etc
- Cyber Security Management Plan: Describe your cyber security management plan in detail considering physical, cyber and social aspect of cyber security. This should be realistic, contextualized to the previous sections (especially addressing the key risks identified), and supported by academic literature.
- Conclusion
- References
- Appendices: This may include interview transcripts, email correspondence, informed consent form, company policies (existing or of your own creation for them).
Assessment Criteria
Marks will be awarded for each element as required in the above specified report. Higher marks are awarded where there is greater justification of points made, greater relevancy of points to the chosen business case , and where limitations and alternatives are also discussed. Furthermore, greater marks are awarded for the cyber security management plan if it is a relevant solution that links to the prior analysis and organisational profile provided, and for providing a non-generic but specific discussion that is critical of the recommendations being provided.
Get expert help for CT6033 Assessment 1 and many more. 24X7 help, plag free solution. Order online now!