Security Management Program at KORI Report Writing
- Subject Code :
BIT361
- University :
Melbourne Polytechnic Exam Question Bank is not sponsored or endorsed by this college or university.
- Country :
Australia
Your report on the need for a Security Management Program at KORI has been accepted, but the management has requested more information on policy development and the need for a risk management program. Specifically, they have asked for an explanation of benefits of a risk management plan, the steps for creating a risk management plan, and a description of the risk assessment process.
To meet the client’s request, you need to do the following:
- What does the client want you to do?
Document contents:
1. A discussion of the types of policies needed for information security at KORI.
- This will be a list of MORE than 5 things
- Contingency plans for the Bairnsdale Facilities, this includes the;
- Bairnsdale Treatment Centre
- The Administrative Centre and
- The Research Veterinary Laboratory
- What Risk Management is trying to do
2. A discussion on what KORI policy documents should look like (Structure and main components – you may provide an example if this would assist you).
3. Explanation of benefits and purpose of a risk assessment at KORI.
4. Description of risk assessment process for KORI’s requirements.
5.Outline the steps for creating a risk management plan for KORI.
6. A set of asset and risk priorities using the tables below (additional tables in the Appendix may be used as required):
- Identification of Information Assets (The Information Assets Register) at KORI.
- One asset (or more) from each of the different categories:
- People,
- Process,
- Hardware and
- Software
- List the Assets in order of importance by creating an Asset Priority Table in the form of a Weighted Factor Analysis Worksheet (Table 2) at KORI – show all calculations please.
- Identification of Threats/Vulnerabilities for KORI and complete the Threat, Vulnerability, Asset (TVA) (Table 2).
- One threat from each of the different categories:
- Internal,
- External,
- Deliberate, and
- Accidental.
- One threat from each of the different categories:
- Determine Priorities, preliminary impact of risks in a Ranked Vulnerability Risk WorkSheet (Table 3) – show all calculations please.
7. Discuss controls/Safeguards for the issues identified in the last Ranked Vulnerability Risk WorkSheet (Table 3)
Listing Assets in Order of Importance – The Asset Priority Table (Weighted Factor Analysis Worksheet)
To assist with their understanding of risk assessment and management you have decided to consider 4 assets and 4 threats to be used to complete the tables below. To effectively demonstrate your skill, the tables would need to include examples of assets from different categories: people, process, hardware, software, and network. Threats should also include examples from different categories: Internal, external, deliberate, and accidental.
.png)
Threat, Vulnerability, Asset (TVA) Table
.png)
Priority Risk Table
.png)
The Assignment Report 2 - Document Format
The format for submission for this document is less formal than for the original report:
- Cover page
- Introduction (What is the purpose and why the report was needed/requested.
- Headings for each part of the client’s request.
- References
Final Risk Assessment/Management Document
A document that covers all the information requested by the Case Study client. The Risk Assessment will include a prioritized list of Assets, Threats, and Vulnerabilities to meet the request of the client. The Risk Assessment must also include suggested controls for the risks you have identified for the Case Study. Your submission must be compatible with the software in Melbourne Polytechnic’s computer Laboratories/Classrooms. A .docx file is required. Other formats will not be accepted.
Your submission must be compatible with the software in Melbourne Polytechnic’s computer Laboratories/Classrooms. A .docx file is required. Other formats will not be accepted.
The file must be named using the following format:
S9999999_Surname_ReportNo._ClassGroup.docx
Where S9999999 is replaced with your student ID, and the class group with SS, 1A, 1B, 2A, 2B (ask your tutor which code applies to you)
- i.e. S22000_Robinson_Report2_SS.docx.
The assignment must be submitted using the Moodle link provided.
In some cases, your tutor may allow a resubmission of a failed assignment. Resubmitted assignments will be capped at a maximum mark of 50%.
