Its an Information security management Subject a branch for Network security.
Please do read the all the requirements before start the work.
Please do follow those rules and at the end their is Answer file, you need to use that file for the solutions.
Assessment Task
You are required to analyse the scenario on page 3 and develop the following ISSP for the organisation described in the scenario:
- Access and use of sensitive information of the organisation
The ISSP should include:
1. Statement of Purpose
2. Authorised Uses
3. Prohibited Uses
4. Systems Management
5. Violations of Policy
6. Policy Review and Modification
7. Limitations of Liability
You also need to include a section containing the justification of the contents of your policy as well as any assumptions that you have made.
The Scenario for Information Security Management Assessment Tasks
A private company in Australia plans to establish a private nursing school. The main campus of the nursing school is located in a suburb of Sydney and the satellite campuses are located in the suburbs of capital cities of three South East Asian countries. The company has made agreements with a private hospital in each of these locations to provide the internship and training to the students of the nursing school. The main and satellite campuses that are currently being constructed will have modern communication networks suitable for the business.
The lectures, tutorials and laboratory classes conducted in the main campus will form virtual classrooms with the satellite campuses. The students can participate in the virtual classes from within the campus premises or from their homes. More than 100 students are expected to enrol in each location in the first year.
The management of the company plans to help out the wider community by providing a telemedicine and homecare service to the needy patients at their homes. This service covers a radius of about 200km from the main and satellite campuses and will be provided with the help of a mobile team of health personnel.
The mobile team will be able to receive medical advice directly from the medical staff of the hospital in their country as well as the private hospital in Sydney via a virtual consultation room. The hospitals should be able to locate and contact all registered homecare patients. The nursing school should know the location of all their students and staff when they are on duty.
As the company is newly established, the information security policies are yet to be developed.
TEMPLATE
|
Access and Use of Sensitive Information of the Organisation
|
Mark
allocated
|
Mark earned
|
|
Assumptions
|
6
|
|
|
1 Statement of Purpose
|
3
|
|
|
2 Authorised Uses
|
3
|
|
|
3 Prohibited Uses
|
3
|
|
|
4 Systems Management
|
3
|
|
|
5 Violations of Policy
|
3
|
|
|
6 Policy Review and Modification
|
3
|
|
|
7 Limitations of Liability
|
3
|
|
|
Justification
|
6
|
|
|
References
|
2
|
|
|
Late submission penalty
|
|
|
|
Plagiarism penalty
|
|
|
|
Total
|
35
|
|