
Pearson

Higher National in
Computing

Unit 31: Information Security Management

ASSIGNMENT BRIEF

This Assignment Brief is the property of


THE MILLENNIUM UNIVERSITY COLLEGE
Higher National Certificate/Diploma in Computing
Assignment Brief
Pearson Reg. Number:
Student Name:
Unit Number and Title: Unit 31: Information Security Management
Academic Year: 2024
Unit Tutor: Kanza Ahmed
Assignment Title: ISO 27001:2013 Standard for ISMS
Issue Date: 16-Apr-2024
Submission Date: 27-May-2024
Submitted On:
Internally Verified? [ ] Yes [ ] No
IV Name: Mir Wajid Ali
IV Date:
Student Declaration
I solemnly declare that the work submitted for this assignment is my own and research sources
are fully acknowledged.

Student Signature: Tutor Signature:


Date: Date:

Submission Format

The submission should be in the form of a Word document, collated into a single PDF. You are
required to read the case study and answer the questions accordingly.

You are required to submit your work for plagiarism checking. No work will be considered if it
contains plagiarism above the acceptable level defined in TMUC’s plagiarism policy.

Unit Learning Outcomes:


LO3 Appraise an ISMS and describe any weaknesses it may contain
LO4 Examine the strengths and weaknesses of implementing ISMS standards

Assignment Brief and Guidance:

You are part of Cryptech, a security consultancy. Cryptech’s sole purpose is to help companies
reach the level where they can easily get ISO certified, by helping a company maintain its
documentation, train its employees, plan and conduct audits, and finally implement an ISMS.
Furthermore, Cryptech also monitors the company after the ISMS has been implemented to see
whether any further improvements are needed.

A confidential client has approached your company for an independent evaluation of an ISO
27001:2013 audit report (the report is attached with the brief and may also be downloaded from
“https://www.hcpc-uk.org/globalassets/meetings-attachments3/audit-committee/2018/june/enc-15---bsi-iso27001-audit-report/”).
The client is interested in gaining insight into how effective the ISMS is for an organization
and how effective ISO 27001:2013 is for implementing an ISMS within an organization.

In this regard, you are required to analyse the audit report and develop a report of your own
comprising the following information:

• Identify the strengths and weaknesses in the ISMS (P3)

• Prioritize these strengths and weaknesses with regard to the organization’s context and
operations. (M3)

• Critically examine the strengths and weaknesses identified with regard to the ISMS and what
potential remedial actions there are to improve its effectiveness for the organization
(D2)

• Discuss the purpose of the ISO 27000 series and particularly include the key clauses of ISO
27001:2013 such as ISMS scope, leadership commitment, policy, organizational roles,
risk assessment, risk treatment, analysis etc. (P4)

• An evaluation of how ISO 27001:2013 would establish an effective ISMS within an
organization (M4)

• A critical evaluation of the advantages and disadvantages of getting certification for ISO
27001:2013. (M5)

The following internet resources may be consulted for a more effective understanding of the ISO
27001:2013 standard.
https://isoconsultantkuwait.com/2020/01/08/iso-270012013-isms-manual/

https://www.isms.online/iso-27001/iso27001-statement-applicability-simplified/

Please access HN Global for additional resources, support and reading for this unit. For
further guidance and support on report writing, please refer to the Study Skills Unit on HN
Global. Link to www.highernationals.com

Grading Criteria

| Learning Outcome | Pass | Merit | Distinction |
|---|---|---|---|
| LO3 Appraise an ISMS and describe any weaknesses it may contain | P3 Recognise strengths and weaknesses in a given ISMS, based on documentation review and audit output | M3 Examine the strengths and weaknesses of an ISMS in the context of an organization, prioritising issues. | D2 Critically examine the strengths and weaknesses in the context of an example ISMS and provide potential remedial actions to improve its effectiveness. |
| LO4 Examine the strengths and weaknesses of implementing ISMS standards | P4 Recognise the purpose of the ISO 27000 series and the key clauses of ISO 27001:2013 | M4 Evaluate the relationship between ISO 27001:2013 and establishing an effective ISMS within an organization; M5 Critically assess the advantages and disadvantages of certification against the standard | |
