Based on the security policy you have researched, formulated, developed and documented in the item (a.) above, identify and assess the potential threats and vulnerabilities of the company’s network and discuss how such threats and vulnerabilities can be mitigated based on your research.

Questions:
(a.) Research, formulate, develop and document a strategic security policy for your
chosen organisation based on the nature of the organisation and the stakeholders
in the organisation.
(b.) Based on the security policy you have researched, formulated, developed and documented
in the item (a.) above, identify and assess the potential threats and vulnerabilities of the
company’s network and discuss how such threats and vulnerabilities can be mitigated
based on your research.

Attachments:Unit Name/Code ISY3006 Information Security
Assessment Type Report
Assessment Number Assessment Three
Assessment Name Report
Unit Learning LO3 – Research, develop, and document a basic security policy,
Outcomes Assessed and analyse, record, and resolve all security incidents
LO4 – Identify and assess the threats to, and vulnerabilities of
networks
Due Date and Time Friday, 31 January, 2020 by 5:00pm
Weighting 20%
Assessment This assessment is designed to help students to research and
Description analyze hot topics related to information security.
Detailed Submission Submit a word document through Turnitin in the unit Moodle
Requirements page
Assessment Details
Total Marks: 20
Length Minimum = 1,800 words Maximum = 2,200 words
Report Type Individual Report
Assignment
This is an individual assessment. This report gives you the opportunity to research, formulate, develop
and document a basic security policy for a specific organization in Australia ECXEPT for
BANKING/MORTGAGE organisation. Moreover, you are required to analyze, record, resolve security
incidents and identify and assess the threats to, and vulnerabilities of the organisation’s networks. This
report will use many of the concepts and techniques discussed in this unit throughout the semester.
Please note, you will need to either choose from the list of examples of the industries provided below or
come up with your own idea for a chosen specific organisation.
Hospital/Medical Centre
Supermarket
Vehicle rental
Tourism agency
Hotel/Motel
Australian Institute of Higher Education
CRICOS Provider Code: 03147A
Level 3 & 4 545 Kent Street Sydney NSW 2000 Australia
T: +612 9020 8050 W: www.aih.nsw.edu.au
School/University
Library
Aviation operator
Property Management
Please discuss your chosen organisation and or ideas with your lecturer before you start your research.
You must send the organization that you have chosen to your lecturer by Week 5. Please note you might
NOT be allowed to choose the same or similar specific organisation as other in your class. You should aim
at research, develop, and document answers to questions (a.) and (b.) below. Do not copy the examples of
information security policies used in class!
You should state clearly:
the name of the organisation you have chosen
the stakeholders of the organisation
the nature of the business and
answer questions (a) and (b).
Questions:
(a.) Research, formulate, develop and document a strategic security policy for your
chosen organisation based on the nature of the organisation and the stakeholders
in the organisation.
(b.) Based on the security policy you have researched, formulated, developed and documented
in the item (a.) above, identify and assess the potential threats and vulnerabilities of the
company’s network and discuss how such threats and vulnerabilities can be mitigated
based on your research.
Referencing and Plagiarism
All information in the report should be in your own words and not copied from other sources. Any idea used
should be referenced appropriately according to AIH policies and procedures. The report will be submitted
through Turnitin and similarities may attract large penalties according to AIH policies and procedures.
Please refer to the AIH Academic Misconduct Policy: http://www.aih.nsw.edu.au/content/1-home/8-
more-info-tabs/3-official-policies/academic-misconduct-policy.pdf
It is essential to use IN TEXT referencing. If you are using the exact words from a reference then
you must use quotation marks.
You can use Harvard Style referencing with numbers, with a listing at the end of the report. Microsoft
Word has an EndNote plugin that makes this style very easy and clear to follow.
https://library.sydney.edu.au/subjects/downloads/citation/Harvard_Complete.pdf
Australian Institute of Higher Education
CRICOS Provider Code: 03147A
Level 3 & 4 545 Kent Street Sydney NSW 2000 Australia
T: +612 9020 8050 W: www.aih.nsw.edu.au
DO NOT COPY AND PASTE FROM THE INTERNET OR COPY OTHER STUDENTS’ WORK!
Submission
You are required to submit a digital copy of the report to Turnitin on Moodle by Friday, 31st January, 2020.
You will NOT need to submit a hard copy.
Late submissions will attract a 5% late penalty (of the maximum mark) per day (or part thereof) as per
the late submission policy.
Report Structure
Cover Page – your name, ID, subject, date, report title and WORD COUNT
Executive Summary
Table of Contents – listed sections (and sub-sections
if required) Introduction – Brief and clear introduction
Body
References-listing of all cited literature. A small number of high-quality references strategically used
is the main aim here.
Formatting Guide
Font: Times New Roman 12pt for paragraph text, 14pt bold for headings, with single
paragraph breaks between paragraphs.
Line Spacing: 1.5, Margins: 2cm all around
Alignment: left-aligned.
Page numbering: Insert page number
Australian Institute of Higher Education
CRICOS Provider Code: 03147A
Level 3 & 4 545 Kent Street Sydney NSW 2000 Australia
T: +612 9020 8050 W: www.aih.nsw.edu.au
Marking Guide
Element Ranking
1 2 3 4 5 Possible Actual
marks marks
Poor Fair Good Very good Excellent
3
Format, Basic and Basic and partially Clear and Clear and Clear and
Sources, and partially correct format, less correct format, correct format, correct format,
grammar correct format, recent fair-quality recent fair- recent high- recent highnon- articles, scholarly quality quality quality articles,
contemporary language not used articles, articles, scholarly
low-quality and poor attention scholarly scholarly language
articles, to detail language language throughout and
scholarly Few partly used mostly used thorough
language not sections/paragraphs and good and quite attention to
used and poor smoothly and thorough thorough detail
attention to logically linked attention to attention to sections/
detail detail detail paragraphs
Little evidence Some Most sections/ smoothly and
of smooth sections/ paragraphs logically linked
linking and paragraphs smoothly and
logical linking smoothly and logically linked
logically linked
0.5 mark 1 mark 1.5 marks 2 marks 3 marks
Research, Very basic Some basic Good basic Sound overall Detailed and 3
formulate, research and research and research and research and excellent with
develop and documentation documentation of a documentation documentation research and
document a of a strategic strategic security of a strategic of a strategic documentation
strategic security policy policy security policy security policy of a strategic
security security policy
policy for 0.5 mark 1 mark 1.5 marks 2 marks 3 marks
your chosen
organisation
identify and Very basic Some basic Good basic Sound overall Detailed and 3
assess the identification identification and identification identification excellent
potential and assessment of the and and identification
threats and assessment of potential threats assessment of assessment of and
vulnerabilities the potential and vulnerabilities the potential the potential assessment of
threats and threats and threats and the potential
vulnerabilities vulnerabilities vulnerabilities threats and
and mitigation vulnerabilities
0.5 mark 1 mark 1.5 marks 2 marks 3 marks
Discuss how Very basic Some basic Good basic Sound overall Detailed and 3
such threats mitigation of mitigation of the mitigation of mitigation of excellent
and the potential potential threats the potential the potential mitigation of the
vulnerabilities threats and and vulnerabilities threats and threats and potential threats
can be vulnerabilities vulnerabilities vulnerabilities and
mitigated vulnerabilities
0.5 mark 1 mark 1.5 marks 2 marks 3 marks
Australian Institute of Higher Education
CRICOS Provider Code: 03147A
Level 3 & 4 545 Kent Street Sydney NSW 2000 Australia
T: +612 9020 8050 W: www.aih.nsw.edu.au
Analysis, Very basic Some basic Good basic Sound overall Detailed 5
argument analysis analysis evident but analysis analysis with analysis with
and cover all evident but no no critique or lacking limited critique evidence of
requirements depth, critique insight. Some critique and and insight. All critique and
(•the name of or insight. requirements insight. All requirements insight. All
the Only few covered. requirements covered. requirements
organisation requirements covered. covered
you have covered.
chosen
•the 1 mark 2 marks 3 marks 4 marks 5 marks
stakeholders
of the
organisation
•the nature of
the business
and)
Referencing Little or no Referencing skills Referencing Referencing Referencing 3
evidence of minimally intact, skills partially skills mainly skills fully
any citations inaccurate and with intact, partially intact, intact, accurate
or reference multiple errors accurate and accurate and and well-used
list used with well-used with no obvious
some errors some errors errors
0.5 mark 1 mark 1.5 marks 2 marks 3 marks
TOTAL 20
Australian Institute of Higher Education
CRICOS Provider Code: 03147A
Level 3 & 4 545 Kent Street Sydney NSW 2000 Australia
T: +612 9020 8050 W: www.aih.nsw.edu.au