Assignment: IT Security Management- Contingency Planning and Security for Organizations
This assignment assesses the following Unit Learning Outcomes; students should be able to demonstrate their achievements in them.
a. Report on the significance of IT security management for organisations
b. Discussing the role of IT security management to support the security of businesses and corporations
c. Reporting on the security of the existing organisation architecture, data, application, technology, etc.
Length: 1200-1500 words.
The assignment consists of four questions. Prepare a report for the below sections. Addressing the requirements of the questions may require use of learning materials accompanied by online search. You will be applying the learning materials for the appropriate scenarios elaborated in the questions. All the references from online sources have to be cited at appropriate places in the report. A list of references should be provided using IEEE referencing style at the end of the report.
Shiba Veg is a famous vegetarian restaurant in Chaple Street, Melbourne. The management would like to take advantage of technology and introduce on-line booking and payment facility for their customers. As an InfoSec professional, you are to write a report on the following sections in relation to the restaurant information security requirement.
Section 1: Contingency Planning
Discuss what contingency planning is appropriate for the restaurant and discuss the issues you think might arise that would form part of the contingency plan (400 words)
Section 2: Security Tools
2. Provide three examples of security equipment or tools that you would recommend for the business and briefly explain why you choose them taking into account the investment cost (500 words)
Section 3: Information Security Act
3. Explain the main act that outlines the basis for the security of information in Australia and outline the key points (200 words)
Section 4: Security Management Policy
Using the following template, create a security management policy with defined separation of duties for the business:
Policy Name Policy Statement
Provide the purpose and objectives of the policy
Define what areas the policy covers and its scope. What areas of IT are impacted. What elements, IT assets, or organization-owned assets are within the scope of this policy?
Specify all the hardware, software and configuration standards.
Explain how you intend to implement this policy for the entire organization. This is the most important part of the policy definition as you need to explain and define the separation of duties across the domains of a typical IT infrastructure. All the domains should be as well as who is responsible for ensuring CIA and security policy implementation within that domain.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.