This report gives you the opportunity to research, formulate, develop and document a basic security policy for a specific organization in Australia. Moreover, you are required to analyze, record, resolve security incidents and identify and assess the threats to, and vulnerabilities of the organisation’s networks. This report will use many of the concepts and techniques discussed in this unit throughout the semester.
Please note, you will need to either choose from the list of examples of the industries provided below or come up with your own idea for a chosen specific organisation.
 Banking/Mortgage
 Hospital/Medical Centre
 Supermarket
 Vehicle rental
 Tourism agency
 Hotel/Motel Unit Name/Code ISY2003/ISY203 Information Security
Assessment Type
Report
Assessment Number
Assessment Three
Assessment Name
Report
Unit Learning Outcomes Assessed
LO3 – Research, develop, and document a basic security policy,
and analyse, record, and resolve all security incidents
LO4 – Identify and assess the threats to, and vulnerabilities of
networks
Due Date and Time
Friday, 21st September, 2018 by 5:00pm
Weighting
20%
Assessment Description
This assessment is designed to help students to research and analyze hot topics related to information security.
Detailed Submission Requirements
Submit a word document through Turnitin in the unit Moodle page
Australian Institute of Higher Education
CRICOS Provider Code: 03147A
Level 3 & 4 545 Kent Street Sydney NSW 2000 Australia
T: +612 9020 8050 W: www.aih.nsw.edu.au
 School/University
 Library
 Aviation operator
 Property Management
Please discuss your chosen organisation and or ideas with your lecturer before you start your research. You might NOT be allowed to choose the same or similar specific organisation as other student in your class. You should aim at research, develop, and document answers to questions (a.) and (b.) below. Do not copy the examples of information security policies used in class!
You should state clearly:
 the name of the organisation you have chosen
 the stakeholders of the organisation
 the nature of the business and
 answer questions (a) and (b).
Questions:
(a.) Research, formulate, develop and document a strategic security policy for your chosen organisation based on the nature of the organisation and the stakeholders in the organisation.
(b.) Based on the security policy you have researched, formulated, developed and documented in the item (a.) above, identify and assess the potential threats and vulnerabilities of the company’s network and discuss how such threats and vulnerabilities can be mitigated based on your research.