COIT20263 Assignment Help
Information Security Management Assignment Help
This assessment task relates to Unit Learning Outcomes 3 and 4. This is a group assessment and should be undertaken in a group of up to 4 members. Distance/online students can form groups with on-campus students as well. Distance/online students, please communicate with the unit coordinator regarding group formation.
In this assessment task, you will analyse the scenario given on page 3 and discuss in a report how you would apply the principles of information security risk management, as well as information security certification and accreditation, to the organisation in the given scenario. Your report should also include guidelines and recommendations for the given organisation, with thorough analysis.
You are required to analyse the scenario on page 3 and write a report on the following two parts:
a) Guidelines for information security risk management for the organisation described in the scenario, where the discussion should include:
• Identifying and prioritising risk factors for information assets in the given scenario (you must consider risk factors associated with cloud migration).
• The risk management framework(s), strategy and process that could be adopted to discover, assess, treat, and manage the InfoSec risks for the organisation.
• The risk acceptance strategy and risk mitigation plan that could be adopted by the organisation.
b) Guidelines for information security certification, accreditation, and security assessment for ISSS.
Please note that you might need to make some assumptions about the organisation in order to write this report. These assumptions should match the information in the case study and not contradict the objectives of the report. They should be incorporated in your report. To avoid loss of marks, do not make assumptions that are irrelevant or contradictory, or that will not be used in your report discussion.