Review graphical representation of ISMS implementation

Reference no: EM132800825

SIT763 Cyber Security Management - Deakin University

Assessment: Teamwork Report

Cyber Security Risk Management Report

Learning outcome 1: Work as a team and apply organisational planning and project management principles to IT security planning.

Learning outcome 2: Assess security risks, threats and vulnerabilities to the organisation and implement appropriate information security protection mechanisms by analysing requirements, plans and IT security policies.

Learning outcome 3: Identify personnel security, training and security education needs, and associated legal and ethical awareness and propose strategies for corporations taking into account cost benefit ratios.

Brief description of assessment task

Students will be required to work as a team to produce a cyber security risk management report and slide deck for a corporate organisation that will be delivered as a presentation during a scheduled interview with a member of the teaching team. This will include performing a cyber security risk assessment as well as outlining methods for monitoring, auditing and vulnerability testing as part of the review process for cyber security management.

This is a group assessment task. Student teams must prepare a report of approximately 2500 words and a slide deck to be delivered at an interview and must include:

• Written report of 2500 words
• Slide deck for presentation
• Evidence that each team member has appropriately contributed to the team deliverables
• A detailed analysis of the corporate environment
• List of risks, threats and controls
• Analysis of findings
• Review and reflection on the findings and propose justified recommendations

Background information
This assessment has been designed for you to experience working in a team to produce an assessment report for an organisation based on the ISO 27001/ISO 27002 standards. The purpose is to provide you with knowledge of the standard and the templates necessary to practise performing a gap analysis against the standard for cyber security management within an organisation you may work for or already work for.

The success of this task will be defined by the performance of the team. It is the responsibility of each individual to maintain consistent communication and to regularly participate in team discussions as well as provide evidence of contributions to the final report. This is teamwork, NOT individuals working on separate tasks that are combined at the end.

Use the SecureWorx SAD (Solution Architecture Document) New Organisational Management System Version 1-00 to complete this assessment task.

A channel on TEAMS has been provided for queries related to assessment 5. Questions requesting specific answers or solutions will NOT be responded to. You will need to allow up to 48 hours for a response to a query.

Task 1: Self and Peer Review of Teamwork Skills

This is an individual-based task. Each team member will be required to demonstrate evidence of their contribution and performance in the team by rating their own and other team members' contribution.

The steps required to be completed for this task are presented in ‘Assessment 5: Teamwork report’ on the Unit site.

Please carefully read all instructions and pay particular attention to the due dates for the steps, which are separate from the submission of the teamwork report.

Task 2: Teamwork Report

The report is based on your team performing an assessment of the SecureWorx SAD (Solution Architecture Document) New Organisational Management System Version 1-00 using 4 documents from the ‘ISO27k toolkit’ presented in Workshop 9.

Your team MUST use the versions provided in the Assessment 5 folder on the Unit Site that have been customised for this task. Only 1 Team member is required to submit these 4 documents to the submission link on the Unit site.

The following describes the requirements to be completed for each of the 4 documents.

1. ISO27k Asset Register.xlsx

Refer to ‘Figure 6 - Infrastructure Architecture Diagram’ of the SAD.

i. Complete a sheet in the ISO27k Asset Register.xlsx to provide Transcon with an ‘asset register’ for the 16 assets in the ‘Private Cloud Environment’ of the ‘Secure data centre’. Add additional sheets as necessary.
ii. Include an ‘Asset ID’ for each asset according to what is mentioned in the SAD. Unless there is any related information mentioned in the SAD, leave all the remaining fields blank for the asset details.
iii. Complete the CIA of security for each asset by entering either L (Low), or M (Medium), or H (High) into the highlighted cells to compute a corresponding asset value.

2. ISO27k ISMS Information risk register.xlsm

iv. Complete the ISO27k ISMS Information risk register.xlsm to provide Transcon with a ‘risk register’ for 8 assets in the ‘Private Cloud Environment’ of the ‘Secure data centre’.
v. Assign a unique reference for the ‘Risk ID’ for each asset and complete the risk register for Transcon using the ‘Worked example’, ‘Guidance on usage’, and ‘Guidance on scoring’.
vi. Sort the risks from highest to lowest based on their rating.

3. ISO27k Information security program maturity assessment tool.xlsm

vii. Complete the ‘Assessment’ sheet in the ‘ISO27k Information security program maturity assessment tool.xlsm’ to provide Transcon with the current maturity level of their organisation against ISO27002.
viii. Use the ISO/IEC 21827:2008 scoring method presented on the ‘Scoring’ sheet to enter the relevant maturity level value for each question in the ‘Maturity Level’ column of the ‘Assessment’ sheet.
ix. Place a reference in the ‘Notes’ column for each of the 101 questions according to what is mentioned in the SAD.

4. ISO27k ISMS and controls status with SoA and gaps.xlsm

x. Translate the ‘Maturity Level’ scores for each of the 101 questions from ‘ISO27k Information security program maturity assessment tool.xlsm’ to a ‘Status’ value in the ‘Annex A controls’ of the ‘ISO27k ISMS and controls status with SoA and gaps.xlsm’.

xi. Record the ‘Status’ scores and review the graphical representation of the ISMS implementation status and Infosec controls status. NOTE: the ‘Mandatory ISMS requirements’ sheet has been completed with the ‘Status’ values to generate the ISMS implementation status.

xii. Present a summary of the results and relationship between requirements 1, 2, 3 and 4 as part of the Presentation Interview.

Task 3: Presentation Interview

Details and requirements for Task 3 are provided below.

The Presentation Interview is scheduled prior to submission of the report (21 February 2021). This means your team has time to complete the report following the interview.

Schedule: 15 February to 19 February 2021.
Time: Can select time on Monday to Friday between 12.00-4.00pm and between 5.00-9.00pm.
Purpose:
Presentation: Present your results and findings of the assessment performed in Task 2. It is the responsibility of the team to determine how to present this.
Interview: The teaching team will ask questions to understand how the team worked together to make decisions and how knowledge and skills of cyber security management were applied.
Location: ALL PRESENTATION INTERVIEWS WILL BE ON MS TEAMS.
Duration: 20 minutes.
Presenters: EACH MEMBER of the team MUST present during the presentation.
Content: MUST include excerpts from all 4 documents, present the relationship between them and process performed to complete report. The maturity of Transcon related to ISO27001 and ISO27002 is to be included.
Format: PowerPoint presentation

Note: Need only TASK 2 - QUESTION 4 ( x, xi, xii)

Attachment:- assignment_details.rar


Reviews

len2800825

2/17/2021 11:43:34 PM

this is the working template - ISO27k ISMS and controls status with SoA and gaps.xlsx using this file solve it - TransCon - ISO27k Information security program maturity assessment tool.xlsx this is the organization u have to do it - Secureworx_SAD_v1-00.pdf these which are on Page no 3 - 4. ISO27k ISMS and controls status with SoA and gaps.xlsm

len2800825

2/17/2021 11:42:58 PM

ONLY TASK 2 - QUESTION 4 ( x, xi, xii) these 3 For doing Q 4th i am sending you the excel sheet And the previous 3rd question excel as well U have to do it for TRANSCON document I will give u 2 excel sheets 1. Which has question 3 excel done work which u have to consider extension work for question 4 2. Actual excel sheet which u have to work on I will give u 1 document TRANSCON for which u have to solve the question 4 ( this is the resource for this assignment) It is similar like template
