School of Computer of Science ASSIGNMENT BRIEFING SHEET (2016/17 Academic Year) Assignment Title ISMCReferral Portfolio SubmissionDate 15.06.2017 Module Title Information Security Management & Compliance Module Code 7COM1066 Tutor Dr. Stilianos Vidalis GROUP or INDIVIDUAL Assignment Individual FOR INDIVIDUAL ASSIGNMENTS – STUDENT TO COMPLETE (Comments on this assignment by students can be made on the back of the assignment briefing sheet). By completing BOX A below, I certify that thesubmitted work is entirely mine and that any material derived or quoted from the published or unpublished work of other persons has been duly acknowledged.[ref. UPR AS12, section 7 and UPR AS14 (Appendix III)].I also certify, that any work with human participants has been carried out under an approved ethics protocol in accordance with UPR RE01. Please print your forename and surname in capitals and provide your ID (srn) number. BOX A Student Forename (in CAPS please) Student Surname (in CAPS please) Student ID Number (SRN) Signature of Student                         FOR GROUP ASSIGNMENTS - STUDENTS TO COMPLETE Group Name/Number (if allocated by module team)       (Student comments on this assignment can be made on the back of the assignment briefing sheet) By completing BOX B below, we certify that the submission is entirely ours and that any material derived or quoted from the published or unpublished work of other persons has been duly acknowledged.[ref. UPR AS/C/6.1, section 7 and UPR AS/C/5 (Appendix III)].)]. We also certify, that any work with human participants has been carried out under an approved ethics protocol in accordance with UPR RE01 Please print your forenames and surnames in capitals, provide your; - ID numbers, actual time spent on the assignment and your signatures. By signing the submission you certify that this work represents equal contributions from all team members.If this is not the case, the module leader must be informed before submission. BOX B Student Forename (in CAPS please) Student Surname (in CAPS please) Student ID Number (SRN) Actual Time Spent by each Student (hours) Signature of Student                                                                                                                                                       This sheet must be submitted with the assignment, signed and either BOX A or B filled in. LATE SUBMISSION WILL ATTRACTA STANDARD LATENESS PENALTY. For undergraduate modules, a score of 40% or above represents a pass mark. For postgraduate modules, a score of 50% or above represents a pass mark. For work submitted up to 5 working days late marked is capped to a bare pass (40% for undergraduate and 50% for postgraduate). For work submitted more than 5 working days a mark of zero will be awarded for the assignment. School of Computer of Science ASSIGNMENT BRIEFING SHEET (2016/17 Academic Year) THE ASSIGNMENT TASK: This is an individual assessment. The GDPR will apply in the UK from 25 May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.The ICO is committed to assisting businesses and public bodies to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations, and to individuals. To that extend, a number of accreditation bodies have been setup in the UK to assist companies in the transition. You are expected to comment on the impact the GDPR will have to the typical British SME and to the manner that enterprise policy will have to change in order to address the new legal requirements. For example, offensive information operations will now have to be used in order to inform the traditional defensive operations that were historically used for the assessment of information environments. You are expected to demonstrate an insight into the implications of the GDPR by using clear and concise arguments. The reports should be well written (and word-processed), showing good skills in creativity and design. Sentences should be of an appropriate length and the writing style should be brief but informative. The deadline for the referral assignment is the 26.06.2017. Assessment Criteria Mark Available GDPR Overview 25 GDPR comparison to existing legislation 25 Changes to policy making 25 Critical discussion (your justified & supported opinion) 25 Total 100 MODULE LEARNING OUTCOMES ASSESSED BY THIS ASSIGNMENT: critically demonstrate self-direction and creativity in managing the security of an information environment at the strategic, tactical and operational levels, effectively developing information security policies; use initiative to autonomously conduct and manage a risk assessment of a complex and unpredictable environment; demonstrate a systematic approach of creatively applying security standards to unfamiliar contexts for solving problems. SUBMISSION REQUIREMENTS: You are required to submit the final report via StudyNet in a PDF format. FEEDBACK FROM THIS ASSIGNMENT Individual personalised summative feedback will be given through StudyNet for the final submission. MARKS AWARDED FOR: Please see next page. DEADLINES AND ASSIGNMENT WEIGHTINGS 1 This assignment is worth 100% of the overall assessment for this module. 2 You are expected to spend about 40 Hours to complete this assignment to a satisfactory standard 3 Date assignment set 12.04.2017 Date completed assignment to be handed in 15.06.2017 4 Target date for return of marked assignment After Ref/Def Boards Marking Scheme Criteria Fail (< 40) Marginal Fail (40 – 49) Reasonable (50 – 59) Good (60 – 69) Excellent (>70) Task No definitions given. Superficial discussion of the topics. Not sufficient explanations of the different notions. No critical thought. Lack of originality. Very little understanding of the GDPR and its implications. Very week report structure. Reasonable evidence of some understanding of the issues of introducing the new legislation. Some definitions are included in the arguments. Very limited discussion that does not demonstrate critical thought. Clear definitions of the relevant issues. Appropriate discussion with supporting evidence for and against the new legislation. Report may contain some errors. The report demonstrates a good understanding of the topics, covering all key issues (including legal), demonstrating critical opinion. Evidence of high quality research from respected peer reviewed sources. No errors. High academic learning ability achieved. Exceptional quality of output demonstrating professionalism, reasoning, and methodological thinking. Report is of ‘publishable’ quality. Excellent understanding and exposition of the GDPR issues that shows insight and draws together various techniques and tools. No errors. INTERNAL MODERATION This assignment has been internally moderated. I confirm: That the assignment set, meets the requirements of the module and that the brief provides appropriate content for students to successfully complete the assignment. That the assessment is at an appropriate level and matches QAA level descriptors and is an appropriate form of assessment within the total range of assessments for this module. That the marking scheme is attached and that students can determine how marks are allocated. That this assessment can be completed and marked within University timeframes, and provides detailed feedback (more than just a grade) that supports learning. . Moderator name, signature and date