Overview
You are required to produce a business report for the board of directors of a business organisation regarding the security risks the organisation may face and your recommended control strategies. The purpose of this assessment is for you to demonstrate that you understand the security risks an organisation may face while transitioning to online business and the challenges that need to be addressed to minimise those risks.
Learning Outcomes
The targeted Course Learning Outcomes for this assessment are:
- CLO1:Apply a set of IS and business skills to design and evaluate an information systems security architecture.
- CLO2: Develop security solutions and mitigation strategies to address security threats and vulnerabilities for Information Systems (IS) and other organisational assets.
- CLO3: Apply security management and technical tools and knowledge to real-life case study situations.
- CLO6: Frame judgements and communicate the results of security problem solving activities, individually and within a group.
Assessment details
The COVID-19 pandemic has significantly changed the way we live and run our businesses. Due to lockdown and other government restrictions businesses had to swiftly shift to an online model. Such a sudden shift has not always followed appropriate risk analysis and assessment activities, which may result in businesses suffering from cyberattacks. Your task begins with selecting a particular industry sector for this individual project. You can select any type of industry, e.g., healthcare, retail, banks, food, accommodation, financial and insurance services, education, etc. Please note that these are just examples and do not show a comprehensive list. You can talk to your tutor if you need help with selecting a type of business organisation for this task.
Consider that you have been hired as a security professional to provide advice and guidance to ABC company who are planning to move their businesses online to continue operating and providing service to their stakeholders. For this task, you can consider that the ABC company is doing a similar business as your selected industry sector. You can use personal experience, communicate with someone working in that industry, and/or conduct a literature review or any other form of investigation to determine how the business operates, what its information assets are, and what the requirement will be to move the business online. The next step is to conduct a formal risk assessment activity. You need to identify seven potential security risks that the company may face while operating its business online. You need to calculate and present both qualitative and quantitative risk assessments for this task. After identifying the risks, you need to provide appropriate control strategies for each risk and provide appropriate justification for taking the action. You should consider 70% budget availability to tackle these risks, i.e., if the organisation needs to spend $100,000 to handle all the six risks, only $70,000 is currently available. Please note that this is just an example. You should use your own amount based on the security control measure and background research.
As discussed in Week 10 & 11 modules, Internet-of-things (IoT) and Industry 4.0 are going to make a huge impact on businesses and how they operate. Identify two such changes that may happen in the near future in ABC company. Use appropriate assumptions and some background research to answer this part. Are these changes going to produce any additional security risk? Why or why not? If you answered yes, what are those security risks? If there are additional security risk, how can they be handled? Can you think of any ethical or legal implications of these changes? Justify your answer with proper explanation and relevant evidence.
Your report should highlight the following issues:
- As part of your report, you should concisely and clearly present your findings of how the business operates and how the services will move online.
- Clearly highlight sevenpotential risks and present qualitative and quantitative risk analysis
- Present security control strategies to handle those risks with appropriate justification.
- Highlight and justify the budget amount allocated for each control strategy.
- Discuss the impact of Internet-of-things and industry 4.0 (two changes)
- Highlight any additional security risks that may exist due to these changes and their mitigation
- Discuss any legal or ethical implication of these changes
You should include any other relevant issues you feel is important in your report. You are expected to explore beyond the study materials provided in this course to conduct extensive background research.
The next part of this assessment will require you to produce a short presentation (up to 8 minutes). You should prepare a short presentation for the board of directors of ABC company and present your findings on the identified security risks, appropriate control strategies, impact of emerging technologies, additional security risks and legal and ethical implications. Your presentation should highlight any other relevant issue that you feel is important for the board of directors to know. The presenter should be visible during the presentation, i.e., it is not sufficient to only have audio over slides.
Due Date and Submission details
The due date for this assignment is Friday Week 14 11:59 PM.
You need to submit the following in Canvas:
- Upload the completed video to canvas for up to (8 minutes). Marks will be deducted for longer videos. Please remember that this presentation is for the board of directors and hence you should only highlight key information that they need to know, and they may have limited technical knowledge.
- The PowerPoint presentation slides. Please follow the standards of preparing a business presentation
- A written report of no longer than 2500-3000 words highlighting your key findings. Please follow the structure of a professional business report. .
- The submissions will go through a Turnitin check and appropriate actions will be taken as per RMIT’s academic misconduct policy.
Marks will be deducted if your submission is made after the due date (Friday Week 14 at 11:59 pm) according to RMIT's late submission policy and if all the required files mentioned above are not submitted in a properly accessible format.
Assessment Criteria
This assessment will measure your ability to:
Report (Total of 26%)
- Risk management (12%)
- Impact of emerging technology (8%)
- Presentation/formatting (3%)
- Referencing (3%)
Presentation (Total of 14%)
- Content (6%)
- Slide design (4%)
- Presentation quality (4%)
Questions?
If you have any questions, check the discussion board to see if they have already been answered. If not post your question or alternatively ask your teacher in your workshops.
Referencing guidelines
Use RMIT Harvard (Links to an external site.) referencing style for this assessment.
You must acknowledge all the courses of information you have used in your assessments.
Refer to the RMIT Easy Cite (Links to an external site.) referencing tool to see examples and tips on how to reference in the appropriated style. You can also refer to the library referencing page for more tools such as EndNote, referencing tutorials and referencing guides for printing.
Academic integrity and plagiarism
Academic integrity (Links to an external site.) is about honest presentation of your academic work. It means acknowledging the work of others while developing your own insights, knowledge and ideas.
You should take extreme care that you have:
Acknowledged words, data, diagrams, models, frameworks and/or ideas of others you have quoted (i.e. directly copied), summarised, paraphrased, discussed or mentioned in your assessment through the appropriate referencing methods
Provided a reference list of the publication details so your reader can locate the source if necessary. This includes material taken from Internet sites
If you do not acknowledge the sources of your material, you may be accused of plagiarism because you have passed off the work and ideas of another person without appropriate referencing, as if they were your own.
RMIT University treats plagiarism as a very serious offence constituting misconduct.
Plagiarism covers a variety of inappropriate behaviours, including:
- Failure to properly document a source
- Copyright material from the internet or databases
- Collusion between students
Expert's Answer
Chat with our Experts
Want to contact us directly? No Problem. We are always here for you
Get Online
Assignment Help Services