BSBXCS402 Assessment Task 2 V4 Digital Marketing PDF

Assessment
Task 2
Promote workplace cyber
security awareness and
best practices
BSBXCS402
Student Declaration
To be filled out and submitted with assessment responses
I declare that this task and any attached document related to the task is all my own work and I have not
cheated or plagiarised the work or colluded with any other student(s)
I understand that if I am found to have plagiarised, cheated or colluded, action will be taken against me
according to the process explained to me
I have correctly referenced all resources and reference texts throughout these assessment tasks.
I have read and understood the assessment requirements for this unit
I understand the rights to re-assessment
I understand the right to appeal the decisions made in the assessment
Unit Title
Unit Code
Student name Ben Walker
Student ID 63482
number
Student Ben Walker Date

signature
Task Number 2 13/11/21
BSBXCS402 - Promote workplace cyber security awareness and best practices V3 2021 Page 2
RTO Provider: 91153 - CRICOS Code: 02672Kgreenwichcollege.edu.au
------OFFICE USE ONLY-----
For Trainer and Assessor to complete:
Student requested reasonable adjustment for the assessment
Marking Sheet Comments Y N D

NS
Completed successfully
Did the student satisfactorily:

The student has satisfactorily completed ☐ ☐ ☐
and submitted the following:
• Feedback form in Task 2.1A

• Report in Task 2.1B
• Email to BoD in Task 2.1C
• Training plan in Task 2.2A
• Policy in Task 2.2B
• Password procedures in Task 2.2C
• Phishing Scams' prevention in Task 2.2C
• Bring Your Own Device (BYOD)
procedure in Task 2.2C
• Recovery Plan in Task 2.2C
• Folders' screenshot in Task 2.2C
• Social media post in Task 2.2D
• Newsletter article in Task 2.2D
• Coaching plan in Task 2.3
• Feedback Summary in Task 2.3
• Reflection in Task 2.3
NS

The student consulted with the HR Manager ☐ ☐ ☐
(trainer and assessor), when developing the
cyber security report:
• Clarified the scope of the report
• Identified the requirements of the task
• Sought expert advice
• Used questioning, summarising,
rephrasing and active listening to
conduct effective consultation
• Was able to use specific and industry-
related terminology relevant to cyber
security in the workplace
Feedback in Comments.
NS

The student met with the management ☐ ☐ ☐
team in simulated work conditions (Role-
Play) to:
• Arrange and conduct training
• Present updates to policy and
procedures related to cyber security and
collect insights and feedback
The student:
• Had prepared a coaching plan for the
meeting
• Explained why the new (or updated)
policy and procedures were needed
• Presented the new cyber security policy
developed in Task 2.2B
• Presented the processes designed in
Task 2.2C
• Gathered feedback and insights from
managers about the processes and the
policy
• Delivered the coaching session
according to plan
• Used questioning and active listening to
ensure understanding
• Facilitated discussion with the managers
• Provided information in a clear and
concise manner
Feedback in Comments.
NS

Demonstrated ability to: ☐ ☐ ☐
• Create and maintain cyber security
awareness program that reflects
organisation-wide best practice
• Contribute to developing cyber security
policies and procedures, and
communicate to required personnel
• Arrange training and information
updates as required, and maintain
related records
• Present insights from review and
training to required personnel and
potential related impacts on the
workplace
• Communicate review outcomes and
cyber security improvement
requirements according to
organisational policies and procedures
This is evidenced by:

• Training plan in Task 2.2A
• Policy in Task 2.2B
• Password procedures in Task 2.2C
• Phishing Scams' prevention in Task 2.2C
• Bring Your Own Device (BYOD)
procedure in Task 2.2C
• Recovery Plan in Task 2.2C
• Folders' screenshot in Task 2.2C
• Social media post in Task 2.2D
• Newsletter article in Task 2.2D
• Coaching plan in Task 2.3
• Feedback Summary in Task 2.3
• Reflection in Task 2.3
• Performance during the Role-Play (refer
to feedback from trainer and assessor
on the marking sheet)
NS

Demonstrated ability to: ☐ ☐ ☐
• Review latest cyber security threats and
trends impacting organisations
• Document outcomes of the review and
suggested improvements for
consideration by required personnel
• Communicate review outcomes and
cyber security improvement
requirements according to
organisational policies and procedures
• Establish the current level of awareness
in work area relating to cyber security
• Review cyber security practices
according to organisational policies and
procedures
• Present insights from review and
training to required personnel, and
potential related impacts on workplace
This is evidenced by:

• Feedback form in Task 2.1A
• Report in Task 2.1B
• Email to BoD in Task 2.1C
• Consultation with HR Manager in
simulated work conditions (refer to
feedback from trainer on marking
sheet)
Task Outcome: Satisfactory ☐ Not Yet Satisfactory ☐
Student Name:
Assessor Name:
Assessor Signature:
Date:
Table of Content
!"#$%&%'%()*+*,-%.*)$/0"1-%123-)%#-14)5,2%".")-6-##%"67%3-#,%/)"1,51-# 8888888888888888888888888888888889
Task 2.1 Review cyber security in the workplace .........................................................................................................12
Task 2.2 Develop cyber security awareness in the workplace ......................................................................................20
Task 2.3 Support effective cyber security practices ......................................................................................................26
://-675;%<%'%:3*4,%,=-%>*+/"62 88888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888&?
Task 2 – Promote workplace cyber security awareness and

best practices
Task summary and instructions
What is this You have been hired as a business consultant by XYZ Pty Ltd, trading
assessment task as Zeemh (refer to Appendix 1), to promote workplace cyber security
about? awareness and best practices.
Please read Appendix 1 to support the completion of your assessment.
The CEO asked you to:
• Establish the current level of awareness in the management team

relating to cyber security
• Recommend improvements
• Create cyber security policies, and create and maintain cyber
security awareness programs
• Support effective cyber security practices in the organisation
This task comprises of the following assessment methods:

o Product-based ☒
o Direct observation of Role-Play ☒
o Case Study ☒
o Other (specify) ☐
It has been designed to evaluate your ability to/competency in:
• Establish current level of awareness in work area relating to cyber

security
• Create and maintain cyber security awareness program that
reflects organisation-wide best practice
• Contribute to developing cyber security policies and procedures,
and communicate to required personnel
• Review cyber security practices according to organisational policies
and procedures
• Arrange training and information updates as required, and
maintain related records
• Present insights from review and training to required personnel,
and potential related impacts on workplace
• Review latest cyber security threats and trends impacting
organisations
• Document outcomes of review and suggested improvements for
consideration by required personnel
• Communicate review outcomes and cyber security improvement
requirements according to organisational policies and procedures
Your assessor will be looking for demonstrated evidence of your

competency in the above.
What do I need to do • submit the completed assessment tasks, according to instructions,

to complete this task • complete the tasks with sufficient detail and present them in a
satisfactorily? professional manner,
• use your own words and reference sources appropriately,
• meet the word count where required,
• use the scenario provided,
• use the templates provided where required,
• for your performance to be deemed satisfactory in this assessment
task you must satisfactorily address all of the assessment criteria,
• if part of this task is not satisfactorily completed, you will be asked
to complete further assessment to demonstrate satisfactory
performance.
Specifications You must deliver/participate in:
• Consult with the HR Manager as needed when developing the

Cyber Security report
• Meet with the managers to present the updates to policies and
procedures and conduct a coaching session in week 5 (Role-Play)
You must submit to GOALS
• Feedback form
• Report
• Email to BoD
• Training plan
• Policy
• Password procedures
• Phishing Scams' prevention
• Bring Your Own Device (BYOD) procedure
• Recovery Plan
• Folders’ screenshot
• Social media post
• Newsletter article
• Coaching plan
• Feedback Summary
• Reflection
BSBXCS402 - Promote workplace cyber security awareness and best practices V3 2021 Page
10
Resources and • Computer with Internet access

equipment • Access to Microsoft Office suites or similar software
• Learning material
• Scenario for assessment as provided
• Appendices as provided
• Relevant policies and procedures as provided
• Templates as provided
Re-submission You will be provided feedback on your performance by the Assessor.

opportunities The feedback will indicate if you have satisfactorily addressed the
requirements of each part of this task. If any parts of the task are not
satisfactorily completed, the assessor will explain why, and provide
you written feedback along with guidance on what you must
undertake to demonstrate satisfactory performance. Re-assessment
attempt(s) will be arranged at a later time and date. You have the
right to appeal the outcome of assessment decisions if you feel that
you have been dealt with unfairly or have other appropriate grounds
for an appeal. You are encouraged to consult with the assessor prior
to attempting this task if you do not understand any part of this task
or if you have any learning issues or needs that may hinder you when
attempting any part of the assessment.
Complete the following activities:

To complete this task, please read the:
• Appendix 1 at the end of this document
• The following policies are provided in a separate folder:
o Communication – Policy
o Information Management – Policy
o Social Media – Policy
o Data Management – Policy
o Continuous Improvement - Policy
o Employee HR Manual
11
You will work in simulated work conditions, the trainer and assessor will play the role of the HR
Manager at XYZ. Consult with the HR Manager as needed.
The trainer and assessor will confirm that you have consulted with them and provide feedback on the
marking sheet.
Task 2.1 Review cyber security in the workplace
This task requires you to:

• Establish the current level of awareness in the work area relating to cyber security
• Review cyber security practices and existing policies and procedures as instructed in this task
• Review latest cyber security threats and trends impacting the organisation
• Document the outcomes of the review and suggested improvements for consideration by required
personnel
A. Survey
Develop a feedback form to establish the current level of awareness in the management team relating
to cyber security.
Develop 6-8 questions (a mix of closed and open-ended questions) to determine the knowledge of
cyber security in the management team.
Record the questions in the template provided below (Template 1).
Please note that you can add a rating scale (example: very satisfied, satisfied, etc.)
Template 1 -Feedback Form
Feedback Form
Thank you for taking the time to complete the Cyber Security Awareness Feedback Form.
The survey should take less than five (5) minutes to complete, and it will provide us with
insights to improve awareness of cyber security in the organisation.
Question Answer
How often do you change your 1) More than once a month
passwords on average? 2) Every 1-3 months
3) Every 6-12 Months
4) Less than once a year
5) Never
12
I know how to keep myself safe when Strongly Agree.
online. Agree.
Disagree.
Strongly Disagree.
What is the purpose of a firewall?
All emails I receive to my work inbox TRUE FALSE
are safe to open.
I keep my Operating System up to YES NO DON’T KNOW
date.
I know how to look for clues that a YES NO What is Phishing?
message may be Phishing
What do you know about Anti-
Spyware?
B. Evaluation of feedback
Assume that you have received the following response to the survey sent out to management:
Item Knowledge /
Awareness
None/Low = NL
Basic = B
Good = G
Proficient = P
Firewall – implementation and keeping it turned on 60% G
30% B
10% NL
System updates 100% G
Use of antivirus 100% G
Anti-spyware technology 60% NL
30% B
10% G
13
Item Knowledge /
Awareness
None/Low = NL
Basic = B
Good = G
Proficient = P
Scams including: 60% G
• Social engineering 40% B
• Phishing
• Spear phishing
• Vishing
• Smishing
Malware 50% B
50% NL
Ransomware 50% B
50% NL
Data access 80% G
20% B
File sharing 80% G
20% B
Device management 90% G
10% B
Additionally, you have collected the following feedback when speaking with the HR Manager:
• There is not a procedure or a backup plan, should the data get lost or damages
• Cyber Security training is very basic
• Lack of cybersecurity policy
• A recent audit found that 80% of staff does not have a strong password, and on two occasions,
staff did not change their password since they started their job at Zeemh
• No multi-factor authentication in use
• An employee gave their password to a colleague when they were away
• Antivirus software is up to date
• Some employees use their own devices when working (laptops) and take them home to complete
work over the weekend. It is unclear if any security procedure has been implemented
14
• The following reports were provided by an IT company that conducted an audit last year; there
was no follow-up to address the findings:
Likelihood of external threat vectors occurring.
Scale: 9= most likely, 1= least likely.
Cyber threats and incidents 8.1

Data loss or theft 6.5
Compliance, regulatory accidents 4.2
Scam 3.8
Hacktivism 3.2
Cyber-attack 1.5
Executive threats/impersonations 1.2
The human factor plays an essential role in how strong (or weak) a company's information security
defences are.
Below are the findings of causes of data leakage/data breach investigated at Zeemh:
o 40% - Database Privilege abuse - When a user, intentionally or accidentally, misuses

legitimate privileges they have been granted, it is known as privilege abuse. Despite these
privileges being legitimately granted, they may access resources or perform actions that
compromise enterprise security.
o 30% Data mishandling - occurs when sensitive information is copied, shared, accessed,
stolen, or otherwise used by an employee who isn't authorised to do so.
o 25% Email misuse
o 5% Mobile security breach - primarily driven by malware and malicious WiFi when using
own device for work
1. Review:
• The feedback provided above
15
• The current organisational policies and procedures (focus on the ones provided in a separate
folder)
• Best practice in Cyber Security and industry standards (conduct independent research)
• The outcome of the consultation with the HR Manager
2. Develop a report (Template 2) for the Board of Directors to :

• Illustrate the current level of awareness relating to cyber security in the management team
• Present a review of cyber security practices
• Provide a review of the latest cyber security threats and trends impacting the organisation
• Suggest improvements for consideration
Template 2 -Report
Introduction
A brief summary of what the report is about and the key questions the report answers.
(80-100 words)
This report will cover a variety of topics from the data we have collected. From the research
internally and externally we now know that the staff awareness on cyber security issues need to be
improved and we will go over the findings which outline the areas for improvement.
From the research we have identified training that is required within cyber issues. There is a lack of
understanding around the policies and procedures and the current policies are out of date so a new
set will need to be developed, updated and implemented alongside training.
Findings
Summarise any findings (positive and negative) from your review.
• The current level of awareness relating to cyber security in the management team
• Cyber security practices in the organisation
• Latest cyber security threats and trends impacting the organisation
(150-200 words)
16
From the research we have uncovered a lot of areas for improvement.
From our survey of staff we found that some areas that are particularly vulnerable are not well
known about. The biggest knowledge gap lies in the information about types of threats, how they
work and how to prevent them. Ransomware, spyware and Malware are all unknown areas that
individuals should be taught more about as when knowledge is lacking these areas are easier to
exploit. We also found that scams such as Phishing, although are more known about than other
areas, 40% only had basic knowledge which could be a problem as Phishing scams can easily lead
people with a lot of knowledge, let alone those without.
We found that there needs to be a procedure in place to back-up the data regularly as currently
there is know fall back if system fail and the data is lost as this could cost the company a lot of time,
money and could breech the law in certain cases.
Policies must be updated immediately on data privilege and data handling as these areas made up
70% of the data breeches. Data needs to be more restricted and access for most of the information
should be on a need to know basis only. And for data handling including transfer, sharing and access
needs to be using end-to-end encryption.
Two more areas that need to be focused on are passwords and BYOD problems. Passwords in some
cases have never been changed which can be a big risk and a policy needs to be implemented to
introduce stronger and reset passwords. BYOD is a problem when employees are using personal
devices for work matters which can cause a clear data and legal breech and must be fixed
immediately.
Best Practice
Summarise your research about the best practice and industry standards in cyber security in the workplace.
(50-100 words)
17
To start with I would recommend some practices to improve security. Firstly ensure that the firewall
and anti-virus softwares are installed on the computers and kept up to date and always turned on. It
is also recommend to keep the OS up to date as the small updates usually fix security flaws.
I would recommend implementing a forced password change procedure to ensure everyone changes
their passwords every 90-120 days and the new passwords must meet strict requirements.
Training for types of threats, especially scams and Phishing should be available for all employees as
these are key areas of where understanding can greatly reduce the risk of attack.
Recommendations for improvement

Recommended improvements based on review. This must include system updates, development and/or policy and procedures, and training
for key personnel.
(4-6 recommendations)
Forced password changes should be implemented to the whole of the organisations systems and I
would recommend that it forces a change every 90-120 days.
Password complexity requirments
Keep all OS and Anti Virus up to date
Training to all staff to ensure all understand threats and how to look for and deal with them
A Procedure for a daily backup needs to be implemented
Conclusion
• A conclusion is what you will leave with your reader
• It "wraps up" your report
• It demonstrates to the reader that you accomplished what you set out to do
• It provides the reader with a sense of closure on the topics covered in the report
(50-100 words)
18
In conclusion there are a wide variety of issues within the company from system to security to
threats knowledge. Although these problems are plentiful, they can all be addressed and fixed
quickly which is what we have outlined in our recommendations. Updating the policies and
procedures of how security is handled within the company will lead to much higher security.
C. Communicate findings
Write an email (Template 3) to the Board of Directors to submit your report.
In the email:
• Summarise the report's content
• Provide advice on implementing your recommendations in the organisation
• Communicate the potential impact of not implementing the recommendations on the organisation
The email text should be in grammatically correct English and written appropriately (polite, business-
like).
(80-120 words)
Template 3 -Email
Email to the BoD

To: Board of Directors
Cc: HR Manager
Bcc:
Subject: Cyber Security Report
Date email is sent: 13/11/21
Attachments: Cyber Security Report
19
Good Morning directors,
From the report I have found that the organisations lacks knowledge in some key areas such as
malware, spyware and scams such as phishing, which is why I have highly recommended these
areas be focused on through training alongside installing extra email filtering software.
The BYOD policy currently means that users are using personal devices for work related tasks
which can cause a high risk of data leek so this policy must be updated and tightened immediately.
The password Policy I would also recommend updating to ensure frequent password changes and
stronger passwords.
I found that a lot of employees have been accessing data as they please which has led to the
largest data breeches from the company and this should be changed to a need to know data
policy. As well as this employees have been insecurely sharing data which again has led t breeches
and I would recommend tighter control over this as well as end to end encryption.
I have developed the report from the results of our findings which is attached.
Kind Regards
Ben
Task 2.2 Develop cyber security awareness in the workplace

• Develop and promote workplace activities to enhance awareness and knowledge of cyber security
practices in the workplace
Address the following:
A. Training Plan
Develop a training plan to improve cyber security awareness in the management team (Template 4).
Assume that the BoD has agreed on a training budget of $ 6,500.00.
(4-5 key training initiatives)
Template 4 -Training Plan
20
Training and Development Plan
Cyber Security Awareness

Management Team
Department/Role:
Training Opportunity Cyber Security – Training Description Budget and
Topic addressed Resources
• Formal/Informal
• Brief description of the
content
• Type of training
• Location
• Timeframe
aware.com - Cyber Business Cyber Security Online Training, $1430 / y

Security online training Available for a year but
must be done within 2
months
Group Speaker Avoiding Scams Face to Face, $ 700 + $500 for food
Formal
In the boardroom in 1
month time
HR and Security team New Policies and Out of Office event in a A$2500
presentation Procdures hotel with lunch and
dinner. Formal
Lunchtime Speaker 1 Hour presentation on Boardroom, informal, $500 + $500 for food
data breeching this month
Total Cost 6130$

Budget and Manager Full Name:
Resources Title: HR Manager
approved by: Fazla Date: 13/11/21
Approved Y ☐ N ☐ Yes
B. Policy
Develop a policy for cyber security in the organisation (Template 5).
Template 5 -Policy
21
Follow the instructions in 'italic'.
Purpose and scope
(purpose and scope of the policy 30-50 words)
The purpose of the policy is to protect individuals and the organisation and set out the guidelines for
preserving the company’s data and technology infrastructure from the many threats that exist.
Policy and Procedures
(Policy statement about what the policy is about and procedures on how the cyber security policy is
implemented in the organisation)
The policy will focus on keeping our data confidential, and the correct ways in which data should be
transferred across any medium. It will implement guidelines on how passwords will be protected to
a higher standard to stop sharing and easy guessed passwords. It will also outline on how to keep
emails safe and avoid scams.
Passwords will not be written down where possible and will be changed every 90 days and meet the
company requirements.
BYOD must not be used for work purposes.
All computers must have up to date OS and Anti-virus.
Associated forms
(Forms such as feedback forms that are associated with the policy)
C. Procedures
1. Develop the following procedures (step-by-step or use a flow chart):

• Password procedures (creation, change, protection)
22
• Phishing Scams' prevention (focus on email)
• Bring Your Own Device (BYOD) procedure
And
• A recovery plan - Being prepared for a security attack means having a thorough plan. This plan
should include what can happen to prevent the cyber attack and minimise the damage if it
takes place. (50-100 words)
2. Document your work in the space provided below:
Password procedures
1) Set password requirements
2) Ensure passwords contains at least 1 capital letter, 1 number and 1 special character
3) Ensure password is 8 character long
4) Ensure passwords are changed every 90 days
5) Don’t write down password if possible
6) Add 2 factor authentication
Phishing Scams' prevention
1) Conduct training on how to spot Phishing Scams
2) Install a software such as Barracuda to scan emails and warn users of when the email may be a
Phshing scam.
3) Have information on known phishing scams communicated to the employees regularly.
4) Keep Anti-Virus up to date.
BYOD procedures
23
1) Employees are not allowed to use their own devices for work
2) If there is a reason the employee needs a second device or the use of a personal device this
must be reviewed and approved by the Security team.
3) Employees must not use cloud based apps
4) Employees may not synchronise any data between work and personal devices.
Recovery Plan
1) Anti-Virus and Firewalls will be in place to prevent viruses and vulnerabilities
2) The defences will be monitored to find issues as early as possible
3) Fix any gaps immediately and keep all software up to date
4) Have a plan in place for how it affects the data and shareholders.
5) Strict Access control to restrict who knows about the firewall and anti-virus configuration.
3. Save the policy developed in Task 2.2B and the procedures designed in Task 2.2C in a sub-folder
called 'Cyber Security, under the main folder called 'Policy and Procedures.
File naming convention: <File Name>_ <Version #>
Take a screenshot of the folder and subfolder populated with the files and copy and paste it in the
space provided below.
24
D. Communication
1. Develop a social media post to promote cyber security awareness in the organisation.
The post can be as simple as text and image.
Document the post in the space provided below.
2. Develop a brief article for the monthly staff newsletter to communicate an update to the policy
and procedure (refer to one of the procedures developed in Task 2.2C or the policy developed in
Task 2.2B).
(80-120 words)
Use Template 6 to document the article.
Template 6 -Newsletter Article
25
Cyber Security Awareness - Newsletter - Ben Walker - November Issue
Monthly Newsletter
Cyber security is an important part of every company today and every day more and more threats
appear on the internet and every organisation and individual must ensure they are aware of how
to conduct themselves to protect everyone involved. Passwords are a large part of everyday life
and people are often unaware that not changing them regularly can increase the risk of attack,
especially when people use the same passwords for a lot of sites. It is also highly advised to have
a more complex password which helps with protection too.
We release that having 100 different, complex passwords for different websites is not usually
possible but there are tools to help for example password collection apps which use multi-factor
authentication for you to save all of your passwords in, to which you just have 1 master password
that you only use for that.
Task 2.3 Support effective cyber security practices

• Arrange and conduct training
• Present updates to policy and procedures related to cyber security and collect insights and
feedback
Schedule a time with the trainer and assessor in week 5 of class with the management team, played
by a group of classmates in simulated work conditions.
This is a Role-Play. The trainer and assessor will evaluate your performance during the Role-Play and
provide feedback on the marking sheet.
If you are absent from class, it is your responsibility to make alternative arrangements with the trainer
and assessor to perform the Role-Play.
26
Duration: 20-30 minutes
Before the meeting

• Prepare a coaching session on one of the procedures developed in Task 2.2C or the policy
developed in Task 2.2B. Use Template 7 to document your plan.
Template 7 -Coaching Plan
Coaching Session Plan

Topic: Passwords and Multi Factor Authentication
Aim of the session: Develop an understanding of how to create and use passwords and how to
setup and use Multi Factor Authentication
Date and time of the Team/Group: Equipment Needed:

coaching session: Management Group Laptop
1/12/21 Projector
Light Lunch
Location: Duration: WHS considerations:
Boardroom 20 Minuets Temperature
Trip Hazard
Allergies
Warm Up activities
(Optional)
Coaching Point/Question How can I keep myself safer on the internet?
Main Activity - How to create strong passwords
- How to manage passwords
- How to set up and use multi factor authentication
Follow-Up - Statistics and demonstration of password hacking and cracking
- Introducing and explaining the new policy
During the meeting

• Explain why the new (or updated) policy and procedures were needed (you can mention the
findings of your report)
• Present the new cyber security policy developed in Task 2.2B
27
• Present the processes designed in Task 2.2C
• Gather feedback and insights from managers about the processes and the policy
• Deliver the coaching session
After the meeting

• Summarise the feedback and insights gathered from management in the space provided below.
(50-100 words)
From the training session which was well received, some points were raised by the managers.
Firstly that although the arguments for password changing are compelling, the difficulty of having
more complex and multiple passwords can be an issue. The point being that it is not advised to
write down passwords so could easily be forgotten.
The managers all thought however that it would be a good idea to force password resets
quarterly to help with cyber protection, this is where I raised the idea of password collection
applications which if used correctly, with multi factor authentication and 1 master password to
remember that it can greatly reduce any risk of hacking.
• Reflect on the following:

o How did you facilitate the discussion with the managers? Provide an example.
o How did you highlight the importance of cyber security in the workplace? Provide an example.
o Was your coaching session effective? Why?
o What did you do well during the meeting? What could you improve?
Summarise your reflection in the space provided below.
(80-120 words)
28
- Once I had finished the presentations I asked around the room one at a time if they had any
concerns or points to make about what we had been over.
- To help with highlighting the importance of cyber security I used statistics to show that
passwords are one of the most easily targeted vulnerabilities for companies and individuals.
- Yes my coaching session was effective as everyone understands to a greater extent the threats
that exist and a few way in which we can prevent them from being an issue.
- My presentation I thought went very well and everyone agreed that steps should be taken. I
think for improvement I should have prepared some examples and demonstrations of suitable
apps and processes to help with multiple passwords.
Appendix 1 – About the Company
Company Overview
The appetite for good-quality coffee continues to grow globally. This is great news for roasters, but it
also comes with increased competition.
ZEEMH is a roasting coffee company with an e-commerce business model designed to become the
market leader in the online retail of boutique coffee. ZEEMH was founded by husband and wife John
Cluber and Marla Bennet. The couple decided to start an online business in 2013 to allow more
flexibility in their family life. ZEEMH was an instant success, and it has grown substantially in its years
of operation.
Starting as an online retailer of exclusive coffee brands for home consumption,

the company changed its business model by launching its own coffee and
expanding its product line. ZEEMH has brought coffee traditions and recipes
from around the world to new life through creativity and innovation in coffee
blending and roasting processes.
The company is located in Melbourne, VIC, with its headquarter and roasting
facilities in Port Melbourne.
Website: https://projectdipem.wixsite.com/zeemh
ZEEMH:
• Produces creative and high-quality coffee blends, roasting coffee in its own facilities
29
• Sources coffee beans from around the world, searching for the best quality coffee
• Is an online retailer of its very own coffee brand: 100% Australian owned and operated
• Delivers its products within Australia (nationwide)
• Focuses on a niche B2B and B2C target market
In the past years, ZEEMH has focused on creating an iconic e-commerce brand for quality coffee.
Since 2013, the organisation has grown and expanded, moving from the spared room of a house in
Surrey Hills, Victoria, to a comfortable 2 level office in Port Melbourne, where they also have the
coffee roasting and packaging plant (same building).
Warehouse operations are outsourced to MCW Logistics (MCW looks after the importing operations
relate to importing coffee beans in Australia and the inventory management – for raw and refined
products). MCW logistics is located close to the ZEEMH headquarter.
Organisational Chart
Finance Manager Finance Team
Marketing and Sales Marketing and Sales

Manager Team
Customer Relations Customer Relations

Manager Team
CEO and founder
Board of Directors HR Executive Officer HR Assistant
COO and founder
MCW Logistics
(outsourced)
Production Manager
Coffee Roasting and

Production Team
IT Outsourced
Board of Directors
30
• John Cluber Senior – Chairman
• John Cluber – CEO (Founder 40% shareholder), responsible for the day-to-day management
decisions of the company
• Marla Bennet – COO (Founder 40% shareholder), responsible for the daily operations of the
company
• Jacob Mosley – Non-executive Director (E-commerce expertise)
• Marina Bennet – Non-executive Director (Retail expertise)
• Steven Yun – Executive Director (Investor 20% shareholder)
Finance Department
• Finance Manager (Full time, Ongoing)

o Financial Officer x 2 (Part Time, ongoing, job sharing)
Duties include strategic financial management, risk management, accounts receivable, accounts
payable, invoicing, payroll, financial record keeping and reporting, preparation and payment of taxes/
fees, cash flow management, external contract management and all elements of financial and legal
compliance.
Human Resources Department
• HR Executive Officer (Full Time, Ongoing)

o HR Assistant (Part-Time, Ongoing)
Duties include strategic HR planning, recruitment and selection, compensation and benefits, employee
relations and support, training and development, internal communications management, performance
management support, termination of employment, record keeping and reporting, safety including
OH&S and fair work law compliance, facilities and maintenance management, procurement, legal
compliance, industrial relations, policies and procedures management.
IT services (contracted)
31
• Managed by the Customer Relations Department, outsourced to Preston IT Solutions
IT services include server hosting, network installation and management, provision, maintenance and
update of all software and licenses, database administration (inventory and staff files), data
management, data protection compliance and systems security, website design and maintenance, and
technical support and maintenance/repair of software and hardware.
Note: Ad-hoc IT support including software and hardware maintenance is provided by Preston IT
Solutions on an on-call basis.
Marketing Department
• Marketing and Sales Manager (Full Time, Ongoing)

o Marketing Officer x 1 (Part time, Ongoing)
o Social Media Officer (Part Time, Ongoing)
o Sales Officer x 2 – dedicated to B2B (Full Time, Ongoing)
o Content Writer (contractor)
o Graphic Designer and web developer (contractor)
Duties include strategic marketing management, external communications management, graphic

design, social media management and content creation, market research and public relations.
Production
• Production Manager (Full Time, Ongoing)

o Logistic Assistant (Part Time, Ongoing)
o 2 x Coffee Roaster Specialists (Full Time, Ongoing)
o 2 x Production Operation Officers (Full Time, Ongoing)
o MCW Logistics (outsource warehousing and logistic operations)
Duties include overseeing shipping, warehousing and procurement. Roasting and Packaging of coffee
is performed by a dedicated, well trained and experienced team. The team performs quality assurance
and control activities to ensure the best quality coffee is produced.
32
Note: Logistic operations are performed by MCW Logistics: import-exporting; warehousing, delivery.
Delivery to customers is operated through a mix of private and public delivery services.
Customer Relations
• Customer Relations Manager (Full Time, Ongoing)

o Customer Relations Team Leader x 1 (Full Time, Ongoing)
▪ Customer Relations Officers x 16
o Front Desk Officer x 2 (Job Sharing, Ongoing)
Duties include customer service support and sales (outbound and inbound), complaint resolution,
front desk duties.
Note: The Customer Relations Manager is responsible for the supervision (direct line Manager) of the
store in Melbourne CBD.
Company Profile and Key Information
Key to Success
ZEEMH has identified four keys that are instrumental to its success:
• Develop a niche product that aims to reach a market of boutique coffee lovers.
• Deliver exceptional customer service in all aspects of the business cycle.
• Attract and retain quality staff.
• Creativity, innovation and quality are the pillars the company is founded on.
Target Market
ZEEMH has identified three distinct customer

segments:
•B2B – Start-up independent coffee shops that aim
to establish themselves as a boutique coffee shop.
•B2B – Established independent coffee shops that
seek to differentiate their offering from their
competition.
•B2C – Coffee drinkers that enjoy making good
quality coffee at home (speciality coffee drinkers). These buyers buy the beans whole to grind the
33
coffee themselves for the freshest cup possible. ZEEMH has made a strategic decision not to sell
ground coffee (this would increase the cost of production)
Objectives
ZEEMH's objectives are:

• To make ZEEMH an icon brand for speciality coffee drinkers.
• To develop an effective, well-placed e-commerce site for sales of coffee blends direct to the public.
• To expand their market (to increase sales) without giving up on the exclusivity of the brand.
• To maintain and improve infrastructure for the fulfilment of Web-based sales.
Vision
ZEEMH's vision is to be the leader in the innovative and creative production and distribution of
superior coffee blends for true coffee lovers.
Mission
ZEEMH's mission is to provide the finest in coffee blends using the Internet to lower the consumer's
cost. We exist to attract and maintain customers who love quality and boutique coffee. Our services
are designed and delivered to exceed the expectations of our customers.
Values
ZEEMH:
• Strongly values its people.
• Promotes quality in every part of the business.
• Champion's innovation in our approach to business growth
• Supports creativity in our product offering.
• Is committed to sustainability in everything we do.
• Displays integrity in the way we do business.
• Shows care and respect for our customers.
Ownership
34
ZEEMH is a Proprietary Limited company, 100%
Australian owned and operated. The majority
of the company is owned by founders John
Cluber (40%) and Marla Bennet (40%). Steven
Yun, an investor, owns 20% of the company,
and he is also part of the Board of Directors as
an executive director. They have recruited
experienced and highly skilled board members.
The coffee-making process
Coffee beans are seeds inside edible cherries of coffee plant. The
plants are cultivated in tropical and sub-tropical parts of the world.
When fully grown, the red coffee cherries are hand-picked and
the seeds are exctracted after thy are dried.
The green coffee beans are roasted to varying degrees.
Different types of coffee beans and roast levels are blended

together according to individual characteristics and qualities that
are brought out during the roasting (for example: cocoa or floral
Coffee beans are sourced from selected producers around the world, and they must meet these
characteristics:
•Organics and Fair Trade
•Be produced in small to medium farms.
•Pass the quality control from ZEEMH coffee roaster

experts.
The product
•Is roasted daily – an efficient inventory process is key
to allow for the product to be shipped and re-stocked
35
fast.
• Has been awarded several quality prices from Australian coffee associations.
• Delivered free of charge for orders over $ 80.00.
• It is packaged using earthbags products ( https://www.thepackagingpeople.com.au/product/earth-
bags/?gclid=EAIaIQobChMI5K3_zNai3QIViGkqCh2mgQX2EAQYBCABEgIjhvD_BwE )
Sales B2C and B2B
Sales numbers for 2019 and 2020 are reported below-average sale/kg.
B2C 2019 Data 2020 Data

Total Single 620 15% Inactive 902 26% Inactive
Customer 18% shopped 16% shopped
only once only once
29% shopped 22% shopped
twice twice
Revenue $ $ 252,669.55 $ 366,975.00
32% shopped 30% shopped
(total-all
more than more than twice
blends
twice 6% shopped more
production)
6% shopped than 5 times
more than 5 Average single
times transaction 2 kg
Average single of coffee
transaction 2 Increase of 5%
kg of coffee on prices since
2018
B2B 2019 Data 2020 Data
Total Single 320 35% of cafés 380 48% of cafés

Business used Zeemh to used Zeemh to
Accounts work on own work on own
customised customised
Revenue $ $ 38,944,471.82 $ 51,214,398.30
unique blend. unique blend.
(total-all
blends 2% of inactive 4% of inactive
production) accounts accounts
36
ZEEMH sales 2019 -2020
20192
60,000,000.00 2019
51,214,398.30
45,000,000.00
38,944,471.82
30,000,000.00
15,000,000.00
252,669.55 366,975.00
0.00
Sales B2C Sales B2B
B2C
Product Packaging Description
250 gr 500 gr 1 kg
Feature blend – $ 19.00 $ 36.50 This product changes every three

premium line with a months, and it is a limited seasonal
limited release offer.
Espresso – standard $ 13.00 $ 25.00 $ 46.00 Full-bodied, Italian style coffee with a
line rich and warm flavours.
(This product is made with less
prestigious quality beans to meet the
price point.)
37
Product Packaging Description
Espresso – premium $ 16.00 $ 31.00 $ 56.00 Full-bodied, Italian style coffee with a
line rich and balanced flavour.
Decaf – standard $ 15.00 $ 28.00 $ 52.00 Decaffeinated but just as good as
line only your regular espresso.
Horizon – premium $ 17.00 $ 33.00 $ 65.00 Rich in flavours, balanced and heavy
line bodied.
Daylight – standard $ 14.00 $ 26.00 $ 48.00 Aromatic with a complex finish.
line
Awake – premium $ 17.00 $ 33.00 $ 65.00 Complex flavours, intense and full
line bodied
Intensity – $ 17.00 $ 33.00 $ 65.00 Intense creamy body with a hint of
premium line almonds and caramel.
Domain – premium $ 17.00 $ 33.00 $ 65.00 Delicate flavour with hint of honey
line and blossom fragrance.
Summer Dream – $ 17.00 $ 33.00 $ 65.00 All round coffee with a smooth and
premium line velvety body.
Renascence – $ 14.00 $26.00 $ 48.00 Rich balanced and lively.
standard line
Customised blend $ 55.00 $ 105.00 The customer calls a coffee specialist
at ZEEMH, completes a personality
test (optional) and discuss its
preference to have a special blend
designed for him/her.
Customised packaging options are
also available with this product.
The purchasing cycle for B2C customers is provided below:
38
Purchase Decision Post-Purchase
•Zeemh Website •Delivery 2-5 days
•Search Engine (surcharge for
•Order online via express delivery •Thank you email from
•Social Media website Zeemh with feedback
applies)
•Word of Mouth •Order by calling form to complete
•Press Releases Zeemh directly
Information Search
Payment upfront and
and Evalaution of
Delivery
Alternatives
B2C Sales 2019-2020
Sales 2019 2019 2020 2020 Addition

Sales Sales in $ Sales in Kg Sales in $ al Info
in Kg
Feature 492 $ 35,915.95 692 $ 50,516.00
blend –
premium
line with
limited
release
Espresso – 421 $ 23,575.95 280 $ 12,880.00
standard
line
Espresso – 0 401 $ 22,456.00 NA in
premium 2019
line
Decaf – 320 $ 16,639.95 280 $ 14,560.00
standard
line only
Horizon – 752 $ 48,879.95 854 $ 55,510.00
premium
line
Daylight – 459 $ 22,031.95 421 $ 20,208.00
standard
line
39
Sales 2019 2019 2020 2020 Addition
Sales Sales in $ Sales in Kg Sales in $ al Info
in Kg
Awake – 0 692 $ 44,980.00 NA in
premium 2019
line
Intensity – 381 $ 24,764.95 491 $ 31,915.00
premium
line
Domain – 512 $ 33,279.95 486 $ 31,590.00
premium
line
Summer 221 $ 14,364.95 142 $ 9,230.00
Dream -
premium
line
Renascenc 692 $ 33,215.95 903 $ 43,344.00
e–
standard
line
Customise 0 183 $ 19,215.00 NA in
d blend 2019
Total $ $ 252,669.55 $ 356,404.00
40
Co ee Sales B2C by Kg
Customised blend 183
0
Renascence 903
692
Summer Dream 142
221
Domain 486
512
Intensity 491
381
Awake 692
0
Daylight 421
459
Horizon 854
752
Decaf -standard line only 280
320
Espresso -premium line 401
0
Espresso – standard line 280
421
Feature blend 692
492
0 250 500 750 1000
2020
2019
B2B
A strategic alliance has been established with NFB Coffee Equipment Company. A coffee equipment
company that produces and distributes coffee equipment for Cafés around Australia. NFB currently
serves 22% of Australian cafés.
NFB is awarded a perpetual 3% of the revenue from coffee sales for each café they signed up with
ZEEMH.
An industry-standard dose for a coffee is 7 grams per serve. For a 1kg bag, you could expect to get in
the range of 60-90 cups depending on strength, double shots and wastage.
Product 500 gr 1 kg Discount Description
Espresso – $ 45.00 11-15 kg Full-bodied, Italian style coffee with a

premium line 5% rich and warm flavour.
16-20 kg
8%
21-25 kg
Decaf – standard $ 10% Decaffeinated.
line only 15.00 26-30 kg
Horizon – $ 65.00 15% Rich in flavours, balanced and heavy-
premium line bodied.
Street – $ 65.00 A slight bitter flavour, decisive and
premium line balanced.
Customised $ 95.00 The café' can order a customised

blend blend of coffee.
41
ff
B2B purchasing decisions by the client base are made considering:
• Pricing point
• Quality of the coffee
• Opportunity to differentiate own café using Zeemh products.
• Most businesses would have a manager in charge of purchasing services (in small cafés, this is
usually the owner)
• Cafés prefer a personal touch in the sales process and value face to face relationships with sales
personnel.
• Most businesses would look at the terms of payment (the most popular term of payment within
Zeemh customers is 30 days from receiving an invoice from Zeemh; few clients pay within 60
days, but they may be charged an extra 5% of the invoice for this arrangements). 78% of clients
choose 30 days payment terms, 21% 60 days, and only 1% pays upfront.
• B2B clients are very rational in their decision-making process, and they would consider a range of
factors such as testimonials from other businesses; recommendations; pricing; quality of service;
quality of coffee; how Zeemh meets their business needs; cost savings on own business
operations; quality of business relationships with Zeemh personnel.
The purchasing cycle for B2B customers is provided below:
Post-Purchase
•Payment terms : •Thank you email

Purchase Decision upfront 2% from Zeemh
•Zeemh Website discount; 30 with feedback
•Search Engine days; 60 days form to
•Social Media +5% complete
•Order online via •Delivery 2-5
•Word of Mouth •Ad hoc
website (B2B) days (surcharge
•Press Releases additional
•Order by calling for express initiatives such
Zeemh directly as: invitation to
events, free
Information Search samples,
and Evalaution of featuring café'
Alternatives on Zeemh
Payment website or social
media outlets
42
B2B Sales 2019-2020
Sales 2019 2019 2020 2020 Additional

Sales in Sales in $ Sales in Sales in $ Info
Kg Kg
Espresso – 110,000 $ 4,949,999.95 95,000 $ 4,275,000.00
premium line
Decaf – 26,000 $ 779,999.95 25,800 $ 774,000.00
standard line
only
Horizon – 0 112,000 $ 7,280,000.00 NA in 2019
premium line
Street – 285,000 $ 18,524,999.95 261,000 $ 16,965,000.00
premium line
Customised 208,000 $ 19,759,999.95 301,000 $ 28,595,000.00
blend
Total $ 44,014,999.80 $ 57,889,000.00
Discount % On Total $ of % On Total $ of
applied Total discount Total discount
orders orders
None 2 $ 880,300.00 3 $ 1,736,670.00
11-15 kg 5% 6 $ 2,508,854.99 4 $ 2,199,782.00
16-20 kg 8% 9 $ 3,644,441.98 11 $ 5,858,366.80
21-25 kg 10% 39 $ 15,449,264.93 37 $ 19,277,037.00
26-30 kg 15% 44 $ 16,461,609.93 45 $ 22,142,542.50
Total Revenue including $ 38,944,471.82 $ 51,214,398.30
discount
43
Co ee Sales B2B by Kg
301000
Customised blend
208000
261000
Street
285000
112000
Horizon
0
25800
Decaf -standard line only
26000
95000
Espresso -premium line
110000
0 100000 200000 300000 400000

2020
2019
On average, a café would consume 2 kg of coffee/ day. Busy cafés would consume an average of
40-50 kg of coffee/week.
Pricing considerations
ZEEMH premium price structure is justified by:
• Organic and Fair-Trade coffee only
• Superior quality coffee beans used for roasting.
• Quality of customer service
ZEEMH mark-up on coffee price is on average 100%

with the base cost to consider: green coffee cost,
transportation, the cost for roasting (equipment,
utilities and labour), cost to market and cost to
deliver to a customer.
The cost structure is shown below:
44
ff
Cost Structure
10%
24%
Green beans including transporta on

Roas ng/Produc on cost
Logis cs
Business opera ons (outside produc on)
27% Marke ng and sales
7% 33%
Positioning Map
High perceived quality and status
Limited Extensive
service personalised
Less service
personal
service
Low perceived quality and status
45
ti
ti
ti
ti
ti
ti
ti
The typical B2C customer profile for quality coffee
Behaviour Demographics Psychographic Geographic
• Quality • Age 25+ • Higher • High density

recognition coffee income, or destination
and status connoisseurs, something urban food
white collar better locations
worker attitude
Zeemh positioned itself in the coffee speciality end, focusing on the experience of great coffee.
Customers are no longer satisfied with just a quick caffeine fix. They have become more discerning in
their preferences, they want to expand their coffee knowledge and with this, comes greater
expectations on baristas and café owners to deliver coffee with more complex flavours.
Coffee drinkers tend to be older, with 74% of adults aged 55 and older consuming it daily, versus 50%
of those aged 18 to 34. Among coffee drinkers, those younger than 35 tend to drink fewer cups per
day on average (1.8) than those aged 35 and older, who consume roughly three cups per day.
Men drink as much coffee as women; each consuming an average of 1.6 cups per day. Women seem
to be more concerned about the price than men.
Key B2B segments supplied to:
46
%
Bakery 4
Pubs and Clubs 8
Restaurant 6
Indipendent Café 82
0 23 45 68 90
Series 1
Independent cafés tend to be small boutique cafés that try to differentiate themselves with a
speciality coffee offering, Moreover, 48% of them uses customised coffee blends (and packaging) that
Zeemh creates for them.
Strategic Direction
Zeemh's strategy is about capturing the higher end of the coffee lovers' market.
ZEEM aims to create a premier brand, so that they can eventually capture market share across broad
geographic lines.
Zeemh's competitive edge is:

• Quality Coffee
• Easy-to-use website
• Superior customer service
• Coffee blends customisation for clients
The strategic objectives identified by the board of directors are:

• Increase brand awareness among B2C and B2B customers
• Increase market share among B2C clients by 20% in the next five years.
• Expand to international markets.
• Increase market share among B2B clients by 5% in the next three years.
47
• Expand the product line to coffee equipment and Zeemh merchandise.
• Identify strategic alliances to expand the company's footprint nationally and internationally.
• Consider an HR strategic plan to attract and retain talent in the company.
• Improve quality management practices to decrease production and logistic costs and establish the
brand as synonymous with quality first.
• Improve customer retention and loyalty.
An integrated digital marketing campaign is recommended by the board. However, the board has
highlighted how the more traditional form of marketing, such as direct marketing, should be
integrated into an overall strategy.
Zeemh's clients like a personal approach to sales and interaction with the company.
The board has committed to:

• $ 210,000 in marketing expenditure for the next financial year
• $ 450,000 in recruitment and improvement of HR practices (including professional development for
staff)
• $ 190,000 to quality improvement (including enhancements to the roasting facilities in Port
Melbourne)
Market Information Excerpt
Source: Ibisworld – Research data further by gathering free access to IbisWorld from the State Library
of Victoria https://www.slv.vic.gov.au/
Tea, Coffee and Other Food Manufacturing in Australia
The industry includes cafes and coffee shops that serve food and beverages to customers on-
premises. Customers generally order and are served while seated and pay after eating. The industry
excludes operators mainly engaged in takeaway food services, restaurant and catering services, the
operation of theatre restaurants and selling alcohol for consumption on and off-premises.
Key Trends
• Australia's strong cafe culture has helped generate sustained growth for the coffee segment.
• Niche players have entered the industry to satisfy consumers looking for high-quality products.
• Exports to China have been highly volatile, even before the COVID-19 pandemic.
• Tea consumption is projected to decline as younger consumers shift towards other beverages.
• Private-label brands are anticipated to place increasing price pressure on the industry.
48
• Increasing consumer demand for premium industry products is projected to support revenue
growth.
• Consumer preferences have changed over the past five years due to growing health concerns.
Executive Summary
Mixed brew: Revenue has grown despite volatile input prices and international trade.
Operators in the Tea, Coffee and Other Food

Manufacturing industry produce a range of food
products. Industry products include tea, coffee,
prepared meals, salt, yeast, and herbs and spices. Rising
health consciousness, consumer incomes, volatile input
prices and international trade have all influenced
industry revenue over the past five years. These factors
have supported demand for some products at the
expense of others.
A line chart that shows the annual percentage change in revenue over the past five years and
a forecast for the next five years.
View as data table, Chart
The chart has 1 X axis displaying values. Range: 2015.9 to 2026.1.
The chart has 1 Y axis displaying values. Range: -5.5335 to 15.2235.
2026: 3.0%
Overall, industry revenue is expected to increase at an annualised 1.9% over the five years through
2020-21, to $8.2 billion. However, this trend includes an expected revenue decline of 4.6% in the
current year, due to the COVID-19 pandemic negatively affecting exports and demand for premium
food products. In addition, downstream demand from food-service establishments has been volatile
during the COVID-19 pandemic. However, players have benefited from rising demand from the major
retailers, such as Coles and Woolworths.
49
50
Consumer preferences have changed over the past five years due to growing health concerns, rising
demand for foreign foods and increasing demand for premium product lines. These trends have
allowed many small-scale niche manufacturers to enter the industry over the period, boosting the
number of industry enterprises. However, growing interest in foreign foods has contributed to
moderate import pressures on industry operators, limiting industry performance. Exports have
declined as a share of revenue over the past five years, despite strong demand for premium Australian
food products abroad, particularly in the Asia-Pacific region. The COVID-19 pandemic has disrupted
supply chains and reduced demand from overseas markets, further constraining industry performance.
Industry revenue is forecast to grow over the next five years. Demand for premium products is likely
to rise as the economy recovers from the downturn caused by the COVID-19 pandemic. In addition,
exports are likely to grow as a share of revenue as demand from Asian markets recovers. However,
operators are anticipated to face continued pressure from supermarket private-label brands and
imported foods over the period. Overall, industry revenue is forecast to increase at an annualised
2.6% over the five years through 2025-26, to $9.3 billion.
Industry products are extremely diverse and include tea, coffee, salt, mayonnaise, condiments and
prepared meals. Industry operators have contended with volatile input prices, fluctuations in
51
international trade and private-label brands rapidly developing over the period. However, rising
demand has mostly benefited industry manufacturers. Overall, industry revenue is expected to
increase at an annualised 1.9% over the five years through 2020-21, to $8.2 billion.
The COVID-19 pandemic has caused further volatility in the industry. Exports are expected to decline
over the two years through 2020-21, due to decreased demand from many Asian nations, including
China, and disrupted supply chains. Supply chain disruption is also expected to constrain import
volumes during the pandemic. The pandemic has also had a mixed effect on domestic demand. As
many industry products are non-perishable, demand
soared during periods of consumer stockpiling during
2020. However, the decline in consumer disposable
income in 2020-21 is likely to constrain industry
performance, contributing to an expected revenue decline
of 4.6% in the current year.
Health consciousness has grown over the period, with

consumers increasingly concerned about the amount of
fat, sodium and sugar in their diets. This has reduced
demand for products perceived as unhealthy, such as salt
and certain prepared meals. However, the rising number
of busy consumers has helped limit declines in the
prepared foods segment.
Consumers are increasingly opting for premium food products, including coffee beans and grounds,
and loose-leaf tea. In addition, changing consumer preferences have boosted interest in more exotic
meals, driving demand for herbs, spices, flavourings and sauces. Growing interest in specialty foods,
premium products and international food products has provided scope for new, smaller players to
enter the industry. This trend has boosted enterprise numbers and supported employment growth
over the period.
Tea and coffee
Coffee is one of the largest product segments in the industry.
Australia's cafe culture and love of quality coffee have generated sustained growth for the coffee
segment over the past five years. Coffee's popularity has encouraged dynamic product innovation
through new blends and coffee-related products. Furthermore, consumer tastes have shifted to
premium coffee varieties, contributing to revenue growth. However, volatile downstream demand from
cafes and coffee shops during the COVID-19 pandemic has reduced the margins of coffee producers,
despite a decline in the world price of coffee over the period.
Niche players have entered the industry to satisfy coffee consumers looking for high-quality products
over the past five years. These niche markets are generally not catered for by the product ranges of
the industry's larger players. The number of coffee machines owned by consumers has grown over
the past five years, reflecting increasing demand for premium coffee. Conversely, demand for instant
coffee has declined over the period. However, instant coffee continues to make up a large proportion
of the industry's coffee segment.
52
Industry operators also generate a significant amount of revenue through tea manufacturing. Tea
producers, particularly loose-leaf and specialty tea makers, have benefited from rising health
consciousness over the past five years. For example, the demand for green tea has grown because
consumers perceive it as having strong health benefits. Fruit teas and herbal teas have also risen in
popularity.
Revenue for the Tea, Coffee and Other Food Manufacturing industry is forecast to grow over the next
five years.
A projected recovery in export demand after the COVID-19 pandemic and increasing consumer
demand for premium varieties of industry products, such as coffee capsules, are anticipated to
support revenue growth over the period. However, ongoing pressure from imports and supermarket
private-label brands is likely to limit the overall growth in industry revenue. Overall, industry revenue
is forecast to increase at an annualised 2.6% over the five years through 2025-26, to $9.3 billion.
Coffee Bean Distributors in Australia
Industry operators primarily supply roasted coffee beans to cafes and coffee shops in Australia. The
industry excludes instant and percolated coffee.
Key Trends
• Australia's rising coffee culture has supported industry demand.
• The popularity of coffee capsules has been constraining demand for roasted coffee beans.
• Weaker downstream demand, stemming from the COVID-19 restrictions, has squeezed profit
margins.
• While demand for coffee will grow, industry firms will have to adapt to increasing competition.
53
•Higher expenditure on recreation and culture is
anticipated to drive industry expansion.
•The instant coffee market will remain the most
significant challenge to the industry.
•COVID-19 has disrupted Australia's coffee culture
and demand from primary downstream markets.
A rise in coffee culture has supported the Coffee Bean

Distributors industry over the past five years.
However, lockdown and movement restrictions
brought on by the COVID-19 pandemic, has disrupted
downstream demand over the past two years. Demand from cafes and coffee shops fell significantly
over the lockdown periods, with many of these establishments temporarily shutting down due to
subdued consumer demand and limited operating capacity. These factors have outstripped any growth
over the past five years. As a result, industry revenue is expected to decline at an annualised 0.2%
over the five years through 2020-21, to $2.5 billion.
The outbreak of COVID-19 has disrupted Australia's coffee culture and deteriorated demand from
primary downstream markets. In March 2020, the Federal Government imposed trading restrictions on
all non-essential businesses, limiting cafes, coffee shops and restaurants to takeaway services only. In
response, many of these downstream establishments temporarily closed or ceased operations over the
lockdown periods, due to difficult trading conditions. Although a shift to homemade coffee among
consumers boosted demand from supermarkets and grocery stores, it has exposed the industry to
stronger external competition from instant coffee and coffee pods. Nevertheless, easing movement
restrictions and the reopening of cafes and coffee shops for dine-in services are anticipated to bolster
industry demand in the current year. Industry
revenue is expected to grow by 2.6% over 2020-21.
Downstream demand is anticipated to recover over

the next five years, driven by rising discretionary
incomes and the continued popularity of coffee
culture. Industry revenue is forecast to increase at an
annualised 1.8% over the five years through
2025-26, to $2.7 billion. Increases in demand from
cafes and coffee shops, and expenditure on
recreation and culture will likely be key drivers of industry revenue growth. Profit margins are
projected to increase over the period, in line with stronger demand for premium coffee beans.
However, price competition in the industry is anticipated to remain intense over the period, limiting
growth in profitability.
54
The COVID-19 pandemic has had a significant effect on the industry's performance.
In March 2020, to contain the spread of the virus, the Federal Government imposed restrictions on
downstream cafe, coffee shop and restaurant markets, limiting these businesses to takeaway only.
Many of these establishments temporarily closed or ceased operations over the lockdown periods, due
to subdued demand and limited operation ability. As a result, demand for roasted coffee beans fell
sharply over 2019-20, putting downward pressure on industry revenue.
Meanwhile, many households shifted to making coffee at home during the lockdown periods,
supporting sales to supermarkets and grocery stores. However, this shift also boosted demand for
substitute products, such as coffee pods and instant coffee, hindering demand growth from
supermarkets. Nevertheless, the easing of movement restrictions, and the reopening of cafes, coffee
shops and restaurants for dine-in services are anticipated to bolster demand for industry products in
the current year.
55
Key drivers
• The amount of coffee purchased by consumers influences industry revenue.
56
• Consumers are often more likely to drink instant coffee at home, instead of grinding their own
coffee beans. Consequently, most demand for coffee beans comes from cafes and coffee shops.
The number of small, independent coffee shops has increased over the past five years, driven by
Australia's growing coffee culture. Changes in the world price of coffee also affect industry
revenue. However, given that prices of arabica and robusta coffee beans do not always move
together, price fluctuations can have a muted effect on industry firms.
• As coffee is generally considered a non-staple product, discretionary income influences the
industry's performance. Rising expenditure on recreation and culture over the three years through
2018-19 has supported industry revenue, with demand for coffee beans from both restaurants and
coffee shops increasing before the imposition of COVID-19 restrictions and the negative economic
consequences, such as consumer pessimism.
• Industry operators face intensifying competition from coffee capsule distributors due to the
popularity of Nestle's Nespresso and other coffee pod machines. These capsules offer some
consumers a cheaper and more convenient alternative to freshly roasted coffee. This trend has
hindered the industry's performance over the past five years.
Coffee culture in Australia
Australia's coffee culture has been the main factor driving industry revenue growth over the three
years through 2018-19.
Rising popularity of brunch culture among younger consumers has led consumer to opted for
establishments where they can enjoy their coffee with a meal. This trend has prompted many food
service establishments to offer coffee in their menus, benefiting industry players. Over the past five
years, busy lifestyles have caused many Australians to spend less time at home preparing their own
meals, which has driven revenue for coffee shops and cafes. Furthermore, premium coffee presents
an affordable luxury that many consumers can
indulge in. Demand for premium blends and fair-
trade varieties has supported the industry's
performance over the period.
Industry structure
Most coffee consumed in Australia is imported

from overseas.
Coffee roasters purchase imported green beans

from various suppliers, which they then roast and
use to formulate their own blends. Once the
beans are roasted, they are distributed to
restaurants, cafes and coffee shops. Arabica beans account for the largest portion of industry revenue.
Roasters commonly distribute their own coffee. As a result, the industry has a limited number of
wholesalers. Even smaller roasters, such as Seven Seeds and Industry Beans, tend to enter into
contracts with wholesale customers to sell their coffee beans directly. A key success factor for industry
operators is establishing good relationships with the end supplier. Larger industry participants, such as
57
Vittoria Coffee, often provide training courses for baristas to ensure that the taste and quality of their
products remains consistent across different cafes and coffee shops.
Enterprise numbers have risen over the past five years. This growth has been mainly driven by the
premiumisation of coffee products, which has opened up many niche markets and encouraged new
businesses to enter the industry. A growing number of coffee shops specialising in particular blends of
coffee has further supported this trend. Employment numbers have increased in line with growth in
industry enterprises over the period.
Industry profitability has declined over the past five years,

partly due to the outbreak of COVID-19. Weaker
downstream demand, stemming from the COVID-19
restrictions, has squeezed profit margins. Furthermore, price
competition has intensified over the past five years, as new
industry players have entered the market. Industry players
have lowered prices to retain market share, which has
eroded profitability over the period. However, demand for
premium coffee has partially offset the decline in profit, as
premium coffee beans generally attract higher margins.
The Coffee Bean Distributors industry is projected to

recover over the next five years.
Rising demand from cafes and coffee shops, on the back of continued growth in Australia's coffee
culture and premiumisation trends, is anticipated to be a key drive of industry expansion. Expenditure
on recreation and culture is forecast to rise over the period, benefiting the industry as visiting cafes
and coffee shops is considered a recreational activity. Rising discretionary incomes and consumer
optimism are also anticipated to support demand growth over the next five years. However, rising
pressure from coffee pods distributors and increasing internal competition will likely threaten the
industry's growth over the period. Overall, industry revenue is projected to grow at an annualised
1.8% over the five years through 2025-26, to $2.7 billion.
Demand drivers
Demand from cafes and coffee shops is projected to increase over the next five years.
This demand is anticipated to be driven by consumers' higher expenditure on recreation and culture,
combined with greater discretionary incomes. Furthermore, consumers are anticipated to continue to
live busier lifestyles, resulting in less time available to make coffee at home and bolstering demand for
coffee at cafes, coffee shops and restaurants. Australia's coffee culture will continue to develop over
the next five years, as consumers consistently demand premium and boutique coffee blends and
beans.
Downstream changes
The industry heavily relies on downstream markets, primarily cafes and coffee shops.
Consequently, trends affecting the future performance of cafes and coffee shops also affect the
industry's outlook. The number of coffee shops is projected to rise over the next five years. An
58
increased range of quality coffee is anticipated to underpin growth in the number of independent
cafes and coffee shops over the period. The rising number of independent cafes and coffee shops
benefits coffee distributors, as larger chains tend to establish their own roasting houses and
distribution networks. However, while demand for coffee is projected to grow over the next five years,
industry participants will have to adapt to increasing competition. Industry operators will likely need to
invest more in establishing relationships with customers, providing after-sales support and training
coffee shop staff. The industry's average wage is projected to grow over the next five years, as
experienced roasters and baristas are hired to provide these additional services.
Profitability
Industry profit margins are projected to expand over the next five years, supported by rising demand
for high-margin premium coffee beans.
Fluctuations in the world price of coffee will likely affect industry purchases over the period. However,
many local distributors will likely enter into fixed supply contracts with upstream suppliers, allowing
them to mitigate the effects on input costs. Growing demand for premium coffee blends and fair-trade
coffee, which generally attract higher prices, is anticipated to support industry profitability growth.
However, price competition is forecast to increase over the period, as the entry of new players forces
some existing distributors to lower prices to maintain supply contracts with downstream markets.
Subsequently, this price-based competition will likely constrain industry profit margins.
Growing competition
Competition in the industry is anticipated to remain high over the next five years.
Although coffee shops are growing, instant coffee still maintains a dominant share of the domestic
coffee market. Instant coffee is the most common substitute for coffee brewed from roasted beans.
Other beverages, such as tea and energy drinks, pose less of a threat to industry demand. The
COVID-19 lockdown restrictions have caused a shift to homemade coffee, with many consumers
59
opting for instant coffee due to easier preparation. This trend will likely remain even in a post-
COVID-19 environment, hindering industry sales. Industry operators could offset this threat by
investing more in marketing to create strong brand awareness among coffee shops and consumers.
However, this strategy would require large capital investment and scale of operation, which is difficult
to achieve in the industry due to intense internal competition. In addition, coffee pods and Nespresso
machines will continue to present a growing challenge for coffee bean distributors over the next five
years. Coffee pod machines are restricting demand from supermarkets and grocery stores, with an
expanding range of coffee pods reducing shelf space for industry products.
Coffee consumption in Australia
Australian coffee culture developed from cafés owned by

Greek and Italian migrants, slowly brewing from the post-
war immigration boom in the 1950s and 1960s, to
becoming a nationwide obsession that is now part of
Australia's cultural identity. Over the last decade Australia's
coffee imports have more than doubled, likely fuelled by
the booming café industry and an ever-increasing appetite for coffee and coffee beverages.
In terms of coffee production, Australia is not a major coffee bean producing country. Nonetheless,
the Australian coffee market is among the largest in the world. In terms of exports alone, Australia
exported nearly 70 million Australian dollars' worth of coffee and coffee substitutes in 2020 and the
annual domestic coffee consumption totalled more than 1.9 million 60-kilogram bags. On average,
Australians consumed around two kilograms of coffee per person in 2021, out of which 0.7 kilograms
were roast coffee and around 1.4 kilograms were instant coffee. However, considering the per capita
consumption, Australians are far behind Finland, Scandinavian countries and other European
countries, but still among the leading 30 coffee consuming countries.
Cafés, restaurants and takeaway services contribute more than 4.5 billion Australian dollars in gross
value added to the Australian economy. An estimated 96,000 people will be employed in cafés and
coffee shops in Australia in that same year. Regarding coffee consumption and preferences,
Australians like their coffee on the go. Around 23 percent of all coffee orders are coffee-to-go orders,
ranking Australia fourth behind Japan, the United States and Canada in terms of coffee-to-go. The
most popular cup sold in cafés and coffee shops in Australia was the latte, followed by the flat white
and the cappuccino. In 2019, the average price for a latte ranged from almost four Australian dollars
60
in Queensland, Victoria and the Australian capital territory to over 3.6 Australian dollars in the
Northern Territory and New South Wales.
(Source: https://www.statista.com/topics/4615/coffee-market-in-australia/
#dossierSummary__chapter1 )
Useful Links for additional research
• IBIS World free access to IbisWorld from the State Library of Victoria https://www.slv.vic.gov.au/
• Australian Bureau of Statistics https://www.abs.gov.au/
• AUSTRALIA COFFEE MARKET - GROWTH, TRENDS, COVID-19 IMPACT, AND FORECASTS (2021 -
2026) https://www.mordorintelligence.com/industry-reports/australia-coffee-market
• Australian attitudes towards coffee https://mccrindle.com.au/insights/blogarchive/australian-
attitudes-towards-coffee/
• 10 Key Coffee Statistics Australia Needs to Know https://whatasleep.com.au/blog/coffee-statistics-
australia/
• Pandemic Habits: Coffee drinking has changed in Australia https://www.adnews.com.au/news/
pandemic-habits-coffee-drinking-has-changed-in-australia
• Distribution of coffee consumption at home during the coronavirus (COVID-19) outbreak in
Australia as of March 22, 2020 by type https://www.statista.com/statistics/1118657/australia-
distribution-coffee-consumption-at-home-during-covid-19-by-type/
• Coping with COVID-19 https://www.beanscenemag.com.au/coping-with-covid-19/
61

BSBXCS402 Assessment Task 2 V4 Digital Marketing PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BSBXCS402 Assessment Task 2 V4 Digital Marketing PDF

Uploaded by

Copyright:

Available Formats

Assessment

Student name Ben Walker

Student Ben Walker Date

Task Number 2 13/11/21

For Trainer and Assessor to complete:

Student requested reasonable adjustment for the assessment

Marking Sheet Comments Y N D

Did the student satisfactorily:

• Feedback form in Task 2.1A

Did the student satisfactorily:

Did the student satisfactorily:

Did the student satisfactorily:

This is evidenced by:

Did the student satisfactorily:

This is evidenced by:

Task Outcome: Satisfactory ☐ Not Yet Satisfactory ☐

Task 2 – Promote workplace cyber security awareness and

Please read Appendix 1 to support the completion of your assessment.

The CEO asked you to:

• Establish the current level of awareness in the management team

This task comprises of the following assessment methods:

It has been designed to evaluate your ability to/competency in:

• Establish current level of awareness in work area relating to cyber

Your assessor will be looking for demonstrated evidence of your

What do I need to do • submit the completed assessment tasks, according to instructions,

Specifications You must deliver/participate in:

• Consult with the HR Manager as needed when developing the

You must submit to GOALS

Resources and • Computer with Internet access

Re-submission You will be provided feedback on your performance by the Assessor.

Complete the following activities:

Task 2.1 Review cyber security in the workplace

This task requires you to:

Record the questions in the template provided below (Template 1).

Template 1 -Feedback Form

Likelihood of external threat vectors occurring.

Scale: 9= most likely, 1= least likely.

Cyber threats and incidents 8.1

o 40% - Database Privilege abuse - When a user, intentionally or accidentally, misuses

2. Develop a report (Template 2) for the Board of Directors to :

• Cyber security practices in the organisation

• Latest cyber security threats and trends impacting the organisation

Recommendations for improvement

Password complexity requirments

Keep all OS and Anti Virus up to date

A Procedure for a daily backup needs to be implemented

• It "wraps up" your report

Write an email (Template 3) to the Board of Directors to submit your report.

Email to the BoD

Task 2.2 Develop cyber security awareness in the workplace

This task requires you to:

Address the following:

Assume that the BoD has agreed on a training budget of $ 6,500.00.

(4-5 key training initiatives)

Template 4 -Training Plan

Cyber Security Awareness

aware.com - Cyber Business Cyber Security Online Training, $1430 / y

Total Cost 6130$

Develop a policy for cyber security in the organisation (Template 5).

Purpose and scope

(purpose and scope of the policy 30-50 words)

Policy and Procedures

BYOD must not be used for work purposes.