LO1 & 2D1 Critically Evaluate the effectiveness of three different types of virtual and physical IT security measures which can be adopted by educational institutions
P1 Identify the different types of risks that organizations face in education sector P2 Detail the different procedures for improving IT security
M1 Design a method for dealing with IT security risks and assessing these risks
LO2 Describe IT security solutions
P3 Examine the impact of IT security and incorrect configurations of firewalls and VPNs P4 Using examples, show the impact of implementing DMZ, NAT and IP on network security in educational institution
M2 Examine the three main benefits of monitoring systems for networks, along with supporting reasons within educational institutions
LO3 Review mechanisms to control organizational IT security
D2 Analyse and consider ways in which IT security can be aligned with the organizational policy of the educational institutions, while also discussing the security impact of any misalignment.
P5 Examine & discuss the main risk assessment procedures for educational institutions P6 examine the data protection processes and regulations which are applicable for educational institutions
M3 Examine the effectiveness of ISO 31000 risk management methodology and application for IT security of educational institutions M4 Examine and discuss the impacts of organizational security which can result from an IT security audit of educational institutors
LO4 manage organizational security
D3 Critically evaluate the tools used and their suitability for an organizational policy for an educational institution
P7 Design and implement a security policy for an educational institution P8 Examine the main components of a disaster recovery plan for an educational institution, with justifications for the inclusion of the plan
M5 Evaluation of the main stakeholder and their role in implementing security audit recommendations for educational institutions
The submission is in the form of a presentation, along with a security awareness handbook and a detailed security policy. The security awareness handbook, as well as the security policy, will discuss the IT security risks, procedures and policies which must be followed. These documents should be written in a concise, formal business style using single spacing and font style times new roman and size 11. You are required to use headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Please also provide a bibliography using the Harvard referencing system at the end of the report and a PowerPoint presentation. Your report should be divided into multiple sections with the following submission formats:Section 1: LO1 & LO2 The submission is in the form of a 15-20 slide presentation on the IT security risks for educational institutes along with a cover slide and a conclusion slide. You will also maintain the presenter’s notes. You are required to use headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Section 2: LO3 & LO4 Produce an IT Security Awareness Handbook, which is provided to all attendees of ICMS IT Security Conference 2021. The booklet should be written in a concise, formal business style using single spacing and font style times new roman and size 11. You are required to use headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Section 3: LO3 & LO4 The final component of the ICMS IT Security Conference 2021 will be the production of a security policy, which can be used by educational institutions to evaluate their security work environment. These will be produced according to the template provided to the IT professional, including a Disaster Recovery Plan. Security policy templates to be used by students: https://www.template.net/business/policy/security-policy/ The policy should be written in a concise, formal business style using single spacing and font style times new roman and size 11. You are required to use headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Note:Sections 2 & 3 should be 1500 – 2000 words in length each, however, there will be no penalty on exceeding this limit.
Assignment Scenario and Guidance
Scenario You have been asked to work as an IT security professional to support ICMS IT Security Conference 2021. This is an online event that is aimed at the education sector, focusing on the security sector within education. This is a one-day event, which includes seminars and workshops from an industry professional on current security issues facing the education sector. You have been requested to produce a set of documents as well as a presentation with the presenter’s notes. As a security professional, you will be producing a security awareness booklet as well as an IT security policy which will support one of the workshops with the ICMS IT Security Conference 2021.
section 1 – Guidance
The submission is in the form of a 15-20 slide presentation on the IT security risks for educational institutions. This presentation will include references to the following: The different types of security risks which are faced by educational institutions overview of how IT security risks can be assessed and managed what security risks do you think are at posed at the ICMS IT Security Conference and how can those risks be mitigated? Ways in which configuration of firewall policies and Virtual Private Networks can be managed and impact of they are not configured according to needs of educational institutions ways in which backup plans can be managed to improve network security by implementing a static IP, NAT and a DMZ.Three ways in which network monitoring can lead to improvements in the IT system at ICMS. This presentation should also allow a networking opportunity for you to discuss the different types of security measures which can be employed for the company to increase the integrity of the organizational security which must be followed for the company. The presentation will examine at least three virtual and security measures which can be integrated for the organization security within educational institutions. You will also need to provide accompanying notes which are needed to evaluate the physical and virtual security measures (keeping in mind ICMS security policies).
Section 2 – Guidance
Produce an IT Security Awareness Handbook, which is provided to all attendees of ICMS IT Security Conference 2021. This booklet will provide details on the different types of IT risks, and the best way to manage these risks. Moreover, the booklet will also discuss the organizational security arrangements and policies which are being followed in an educational institution and ways in which these policies can align. As part of this Security Awareness Handbook, you will be required to address the following issues: Data protection: The main regulations and processes which educational institutions need to follow. Also, apply these to the ICMS IT Security Conference 2021.Risk Assessments: Overview of the ISO 31000 risk management methodology and ways in which this applied to IT security within educational institutionsIT Security Policy: What is the role of IT security audit in educational institutions? Ways in which organizational policy (in educational institutions) can be aligned with IT security policy? How well do these policies cater to the ICMS IT Security Conference and what further measures can be included to improve IT security in such virtual events in the future? Also, evaluate the suitability of various tools which can be used for organizational IT security policy.
section 3- GUIDANCE
The final component for students will be the provision of an IT security policy which will be produced by the IT security professional., including a disaster recovery plan This policy will help in the design of a security policy for the educational institutions and examine ways in which the implementation can be catered within the educational organizations according to the particular needs of the education sector. You will be designing and implementing a security policy for the educational institution, which is relevant to the security work environment for educational institutes. You will also evaluate how well the security tools used within the policy can mitigate risks in future virtual IT conferences.
Summary of evidence required by the student
15-20 PowerPoint slides along with presenter’s notes