Information Security Management (COMP 0400) –Fall– 16 – CW2 – QP In Semester Assignment Module: Information Security Management (COMP 0400) Level: 3 Max. Marks: 100 Work proposal submission: 10.12. 2016 Submission Date: 03.01.2017 OBJECTIVES This assignment is designed to assess students' ability to:  Analyze the security frameworks challenges, risk and threats. .  Develop skills of dealing with new security trends. And enhance:  The student's knowledge through literature review.  Use of CU Harvard referencing system to cite and reference academic resources OUTCOME Students must have an understanding of the following points 1. Critically evaluate Information Security requirements 2. Analyse risk management process. 3. Develop information security baseline(s). Task 1: Submitting the assignment work proposal (10 Marks) Task 2: Most organizations these days are moving towards a more technology based environment. Applying risk management frameworks will help to address the incremental risks associated with adopting these developing technologies such as BYOD, Cloud computing and virtualizations. Therefore, as an information security manager choose one of these technologies and: a. Through two research papers analyse two frame works of Risk Management that can be used for your chosen technology/environment. (35 Marks) b. Through a case study show case the implementation process of risk management in any one of the environments. (35 Marks) Task 3: Raising awareness is a critical part of the whole risk management process. In your opinion, as an information security officer discuss the different methods and techniques to raise security awareness. (20 Marks)Information Security Management (COMP 0400) –Fall– 16 – CW2 – QP Provide the following information in the report: TASKS DESCRIPTION AND MARKS DISTRIBUTION Th e marks allocation scheme for the assignment is as follows: Task 1: Expectation: Submitting the assignment work proposal which includes the student understanding and plan on how to complete the deliverables, which resources to use and the time line. Task 2: a. Through two research papers analyse two frame works of Risk Management that can be used for your choosen technology/environment. Expectation: To define BYOD, cloud or virtualization and discuss two Risk Management frameworks that can be applied to these technologies to avoid risk and threats. b. Through a case study show case the implementation process of risk management in any one of the environments. Expectation: Analyse a case study where an organization that is adopting one the technologies has implemented risk management, showcasing the advantages , strengths and weaknesses. Task 3: Raising awareness is a critical part of the whole risk management process. In your opinion, as an information security officer discuss the different methods and techniques to raise security awareness. Expectations: add your own opinion on various techniques and methedolgies to help raise staff awareness of the importance of information security. ASSIGNMENT EVALUATION CRITERIA Students will be evaluated on the following point  Originality of answer, i.e. writing in your words with some amount of referenced material  Correct information and presentation in document form  Adequate referencing and citation provided  Submitting work proposal which include student solution plan and this will carry 10% of the marks  Oral Examination/VIVA: Assignment marks are based on the VIVA which will be conducted upon submission of assignment. The VIVA will be based on the tasks given in the assignment. ZERO marks will be awarded to the student if he/she is absent for VIVA. GUIDELINES  The report should have 2500 words approximately.  The document should be well presented and neatly done  Assignment should be computer typed using Calibri 12 font and the soft copy should be submitted through Moodle,Information Security Management (COMP 0400) –Fall– 16 – CW2 – QP duly checked by TurnItIn to check the similarity of work. Please note the time mentioned above and also go through the Middle East College plagiarism policy given below.  The report must have a Title Page, table of contents (optional), reference/ bibliography and page number. Every page must have header & footer.  At least EIGHT references are required which must be referenced by using Harvard Reference System.  Heading should be with Font Size 14, Bold, and Underline.  Each student has to do the assignment individually. Please submit one hard copy to myself (during class or office hour) and upload soft copies through Moodle in time.  You are welcome to discuss about the assignment with the lecturer in his/her office hours. PLAGIARISM POLICY Plagiarised documents, in parts or whole, submitted by the students will be rejected. For the first offence of plagiarism, a student enrolled in undergraduate programme is penalised with a deduction of 25% of the maximum marks on the assessment as per the plagiarism policy statement and is allowed to re-submit the work once, within a week's period. The student has the right to appeal against the decision made, to the respective Programme Coordinator. Further appeal on decision taken may be made to the Head of the concerned department. If the student is not satisfied by the decisions taken by the department, he/she can appeal to the Plagiarism Appeals Committee. For the second offence of plagiarism against the student, (committed in any semester after the semester of the student's first offence of plagiarism in the tenure of the student in the undergraduate programme), the student is awarded zero in the assessment where plagiarised content was found. The student is not allowed to resubmit the assessment. The student has the right to appeal against the decision made to the respective Programme Coordinator. Further appeal on decision taken may be made to the Head of the concerned department. If the student is not satisfied by the decisions taken by the department, s/he can appeal to the Plagiarism Appeals Committee. Repeated offences of plagiarism by the student (more than two times) are dealt with as per the college policy on Academic Dishonesty as mentioned in the Student Handbook (6.2). All decisions on plagiarism related offences will be communicated to the student by the respective module instructors, using routine channels of communication with students, currently used by the college, preferably on the same day the charges are confirmed or the very next working day. The student has the right to appeal against the decision informed by the module instructor to the Respective Program Coordinator. Further appeal on decision taken may be made to the Head of the c o n c e r n e d d e p a r t m e n t . If the student is not satisfied by the decisions taken by the department, s/he can appeal to the Plagiarism Appeals Committee. In certain cases, the student may be required to appear for an interview with the module instructor, if deemed necessary. The maximum time limit given to a student to raise appeal against the charges of plagiarism is two working days including the day on which the matter is informed to the student. It is preferable that the appeals are made on the same day ofInformation Security Management (COMP 0400) –Fall– 16 – CW2 – QP the college on which the student is informed of the issue. All appeals must be made during regular working hours of the college. LATE SUBMISSION POLICY Penalty for late submission - 5% of the maximum mark specified for the assessment will be deducted for each working day. Assessment documents submitted beyond a period of 1W EEK after the last date of submission will not be accepted and will be marked as zero for that assessment. FEEDBACK TO STUDENTS  The feedback will be given to the students work proposal within one week after the submission.  Feedback, on assignment, will be provided to the students (through moodle/emails/oral) within ONE week, after the submission date. RULES & REGULATION If two assignments/essays are similar in all aspects then marks will be deducted from both assignments. Your source of information should be mentioned in the reference page clearly. (For example: If it's from book, you have to mention the full details of the book with title, author name, and edition and publishers name. or if it is from internet you have to mention the correct complete URL) Note: If you have any questions, please ask {during class timings or office hours).Information Security Management (COMP 0400) –Fall– 16 – CW2 – QP In Semester Assignment Module: Information Security Management (COMP 0400) Level: 3 Max. Marks: 100 Work proposal submission: 10.12. 2016 Submission Date: 03.01.2017 ASSESSMENT EVALUATION SHEET  All tasks will be evaluated through the VIVA Total Marks Penalty Final Marks Task 2 A Expectation 0-9 10-20 21-31 32-35 Marks Through two research papers analyse two frame works of Risk Management that can be used for your chosen technology/environm ent. To define BYOD, cloud or virtualization and discuss two Risk Management frameworks that can be applied to these technologies to avoid risk and threats. Incomplete/ Plagiarized report General discussion on the research papers. Analyze two research papers where it demonstrates different risk management frameworks Analyze two research papers where it demonstrates different risk management frameworks with adding the student opinion and analysis Task 2 B Expectation 0-9 10-20 21-31 32-35 Marks Through a case study show case the implementation process of risk management in any one of the environments. Analyse a case study where an organization that is adopting one the technologies has implemented risk management, showcasing the advantages , strengths and weaknesses. Incomplete/ Plagiarized report General discussion on the case study Analyze a case study showcasing advantages , strengths and weaknesses of the risk mngt implementation Analyze a case study showcasing advantages , strengths and weaknesses of the risk mngt implementation . with adding the student opinion and analysis Task 3 Expectation 0 1-20 Marks In your opinion, as an information security officer discuss the different methods and techniques to raise security awareness. Demonstrate an understanding to raising information security awareness Plagiarized report Student's opinion with significant evidence Task 1 Expectation 0 1-10 Marks Proposal submission Submitting the proposal correctly No submissions Submitted