Presentation is loading. Please wait.

Presentation is loading. Please wait.

On completion of the scenario, students will be able to: Learning Outcomes 1 Critically analyse and prioritise information security risks. 2 Systematically.

Published byBrendan Ferguson Modified over 7 years ago

Similar presentations

Presentation on theme: "On completion of the scenario, students will be able to: Learning Outcomes 1 Critically analyse and prioritise information security risks. 2 Systematically."— Presentation transcript:

1

2 On completion of the scenario, students will be able to: Learning Outcomes 1 Critically analyse and prioritise information security risks. 2 Systematically identify countermeasures and review techniques appropriate to the management of information security risks. 3 Demonstrate a thorough understanding of the policy and technology trade-offs involved in developing information security systems of adequate quality. 4 Analyse and evaluate the significance of legal regulations and requirements on information security systems.

3 Pre-requisite Knowledge This scenario is adaptable and the prerequisite knowledge is not essential, some of it may be considered part of the learning outcomes. The following identify concepts/processes that are required for successful completion of the scenario. Information Security concepts including: 1.Confidentiality, Integrity, Availability, 2.Information Assets, Threat, Vulnerability, Impact, Likelihood, Risk, 3.Teamwork.

4 Pre-requisite Knowledge Introduction The following quiz will test your pre-requisite knowledge.

5 Quiz Click the Quiz button to edit this quiz

6 Introduction You have been hired as a consultant to an SME (West Lancashire Asbestos)

7 The Company West Lancashire Asbestos (WLA) is a small company with 18 full time employees employed. Employees are trained to the highest standards and supported by one of the most respected management teams in industry. The company is full licensed by the Health and Safety Executive (HSE) to work with Asbestos Containing Materials. All major contracts are allocated a designated Contracts Manager and Asbestos Administrator.

8 Company Divisions Asbestos Removal Service Domestic Contracts Large Scale Commercial Contracts Asbestos Surveying Asbestos Awareness Training WLA Originally offered

9 Managing Director Interview

10 Task 1 To provide detailed advice of how to implement an ISMS that is consistent with the ISO27k framework. Produce an outline plan of activities required for the implementation of ISO27001. To provide detailed recommendations as to the Risk assessment process that should be adopted. Your response should be contained in one team Information Security Management (ISM) recommendations report together with a presentation. You will get feedback on this. Essentially this comprises a formative draft for this section of the assessment. A table showing team members’ contribution to the work in the scenario.

11 Task 2 To create key documents for the Risk assessment, consistent with ISO27001:2013. To identify any actions the company should take to create and maintain a security culture and ensure the ISMS is a ‘living’ system. Additional information regarding the scenario can be obtained from your tutor. Your team should submit your comprehensive ISM final report. This should address all terms of reference, and include updated version from stage 1. A table showing team members’ contribution to the work in the scenario. Your team will also present your solution to the board of directors in a tutorial. A short PowerPoint presentation is expected. Your contribution to teamwork will be graded.

12 Reflection on Learning It is also important that at the end of the scenario you should reflect on your learning and team working and identify what worked well, what didn’t and actions for future improvement.

Download ppt "On completion of the scenario, students will be able to: Learning Outcomes 1 Critically analyse and prioritise information security risks. 2 Systematically."

Similar presentations

Achieve Benefit from IT Projects. Aim This presentation is prepared to support and give a general overview of the ‘How to Achieve Benefits from IT Projects’

Achieve Benefit from IT Projects. Aim This presentation is prepared to support and give a general overview of the ‘How to Achieve Benefits from IT Projects’
E.g. 4.3.2 Act as a positive role model for innovation 4.3.1. Question the status quo 2.3.4 Keep the focus of contribution on delivering and improving.

E.g Act as a positive role model for innovation Question the status quo Keep the focus of contribution on delivering and improving.
The Aged Care Standards and Accreditation Agency Ltd Continuous Improvement in Residential Aged Care.

The Aged Care Standards and Accreditation Agency Ltd Continuous Improvement in Residential Aged Care.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Work-Based Learning (WBL) Coordination The Amended Model WORKLIFE COOPERATION PLAN Workplace analysis Workplace database Framework agreement Workplace.

Work-Based Learning (WBL) Coordination The Amended Model WORKLIFE COOPERATION PLAN Workplace analysis Workplace database Framework agreement Workplace.
Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.

Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
Mitun PatelMXP07U. Organisational structure Top management; this includes the organisation’s general manager and its executives Department managers; this.

Mitun PatelMXP07U. Organisational structure Top management; this includes the organisation’s general manager and its executives Department managers; this.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
Teaching Security via Problem- based Learning Scenarios Chris Beaumont Senior Lecturer Learning Technology Research Group Liverpool Hope University College.

Teaching Security via Problem- based Learning Scenarios Chris Beaumont Senior Lecturer Learning Technology Research Group Liverpool Hope University College.
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.
OHT 25.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The quality assurance organizational framework Top management’s quality.

OHT 25.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The quality assurance organizational framework Top management’s quality.
Association for Biblical Higher Education February 13, 2013 Lori Jo Stanfield Evaluator Team Training for Business Officers.

Association for Biblical Higher Education February 13, 2013 Lori Jo Stanfield Evaluator Team Training for Business Officers.
NIST Special Publication Revision 1

NIST Special Publication Revision 1
SME Security. Articulate the major security risks and legal compliance issues for an SME.Explain and justify approaches of investment on InfoSec controls,

SME Security. Articulate the major security risks and legal compliance issues for an SME.Explain and justify approaches of investment on InfoSec controls,
Group work – why do it? Rachel Horn – Civil & Structural Engineering.

Group work – why do it? Rachel Horn – Civil & Structural Engineering.
Management of Change ► The health, safety, security, environmental, technical and other impacts of temporary and permanent changes are formally assessed,

Management of Change ► The health, safety, security, environmental, technical and other impacts of temporary and permanent changes are formally assessed,
Copyright  2005 McGraw-Hill Australia Pty Ltd PPTs t/a Australian Human Resources Management by Jeremy Seward and Tim Dein Slides prepared by Michelle.

Copyright  2005 McGraw-Hill Australia Pty Ltd PPTs t/a Australian Human Resources Management by Jeremy Seward and Tim Dein Slides prepared by Michelle.
International Security Management Standards. BS ISO/IEC 17799:2005 BS ISO/IEC 27001:2005 First edition – ISO/IEC 17799:2000 Second edition ISO/IEC 17799:2005.

International Security Management Standards. BS ISO/IEC 17799:2005 BS ISO/IEC 27001:2005 First edition – ISO/IEC 17799:2000 Second edition ISO/IEC 17799:2005.

Similar presentations

Ads by Google