Professional Documents
Culture Documents
INSTRUCTIONS:
1. This is a GROUP PROJECT. The project must be done in a group of four to five students.
2. Each group is required to identify and select a real and existing organization for the group
project. However, to ensure no overlapping organizations are selected, each group will
be assigned by the lecturer to choose an organization based on the organization’s nature
of business or industry. Each industry can be selected by one (1) group ONLY.
4. Assume that the selected organization is having issues and threats on information security,
students are required to set up an information security program to secure information in
modern organization environments.
5. Students are required to prepare a brief written proposal and must be submitted to the
lecturer on WEEK 9 (Deadline: 11 December 2020 – before 11:59PM). Your proposal must
include the following information:
6. Once the project proposal is approved, students must identify and select the best solution
and approach for an effective information security (InfoSec) program. Students must
include the following elements:
Late submission will not be entertained and shall affect your grades!
Please follow these guidelines when compiling your report for the INFORMATION SECURITY
PROGRAM project:
a) Format: Arial 11, spacing: 1.5 cm and at least 15 pages (excluding appendices).
● Preliminary Materials
i. Cover page
ii. Table of Contents
iii. Acknowledgements
● Body of Report
i. Abstract/Executive Summary
ii. Introduction
▪ Organization’s background – Corporate profile, mission, vision, and objectives.
▪ Project Background – Highlight the problem and place it within the context of
the information security program.
iii. Contents
▪ Solution and Approach – Explain your solution, approach, deliverables, and
timeframe. Students must include proposed policy, Risk Management, Life-
cycle planning, Personnel/User Issues, identify resources, develop scenarios,
develop strategies. Use Gantt Chart to show the timeframe.
▪ Financials – Give an estimate of the budget and resources required to develop
this project.
▪ Computer security incident handling – Incident detection, reaction, recovery,
follow-up
▪ Awareness and training – SETA plans, awareness projects
▪ Security considerations in computer support and operations – help desk
integration, defending against social engineering, improving system
administration
▪ Physical and environmental security – guards, gates, locks and keys, alarms
▪ Identification and authentication – identification, authentication, passwords,
advanced authentication
▪ Logical access control – Access criteria, access control mechanisms
▪ Audit trails – systems log, log review processes, log
▪ Cryptography – TKI, VPN, key management, key recovery
iv. Conclusions
v. Reference (APA style)
● Appendices
i. Relevant Documents.