BIT 303 IT Management, Ethics and Security

Assessment item 2: Security assessment

Due date: Week 12

Value: 25%

Assessment 2 in a Group
Mode:

Length: Minimum 4000 words

Maximum 4500 words

Course Learning Outcomes

This assignment provides an opportunity for the students to demonstrate their knowledge and
to:

CLO1 : Recognize the foundation and framework for management of information security

CLO2 : Examine and develop IT security policies, compliances and the mechanisms for
implementation

Other General Learning Outcomes

 demonstrate research and writing skills;

 demonstrate knowledge and application of appropriate terminology; and

 demonstrate ability to integrate and apply information from various topics and to
apply understanding and knowledge to a practical situation.
Instructions

Answer the following questions:

1. What are the most important security issues facing companies today? Have these changed
in the last five years, and will they continue to change? How should companies prepare
themselves for security threats and problems in the future? Select an industry to use as an
example to answer the questions.
(1200 words)

2. The Internet of Things (IoT) has been an industry buzzword for years. The IoT may be
convenient, but there are also huge risks. Security is a critical element of IoT deployment.
The endless variety of IoT applications poses wide variety of security challenges.

Gartner has estimated that there will be over 20 billion connected devices in the year 2020
generating over 200 billion dollars in annual revenue. With the growth in devices across
the consumer and business user base, along with the overall advancement in capabilities of
Internet-connected devices we can only assume that the annual revenue will exponentially
increase. Which means that IoT devices will soon become essential, and necessary, in our
daily lives.

a) Identify a company and discuss what are the key security challenges and constraints
of deploying IoT in their business organisations and how will they overcome those
challenges. Use a real-world company for your discussion.
(1000 words)

b) Based on the answer given in part (a), develop THREE (3) important policies which
need to be implemented to overcome the security challenges by using the
framework given in the textbook “Management of Information Security” by
Michael E. Whitman and Herbert J. Mattord.

(300 words)
3. A growing number of people believe that the use of biometrics is an invasion of privacy.
For example, an eye scanning device records the inner structure of a person’s eye and stores
that image in a database. Critics worry that databases of human traits used to maintain
corporate security may actually pose a privacy threat to individuals, if such data were used
in other ways. In your view, are such concerns justified? Why or why not? Discuss this
issue.

(Hint: Consider the need for IS security with users’ desire to keep their personal
information secure. Students are encouraged to discuss on how data about a person’s
physical characteristics might be used)

(1000 words)

4. COBIT and ITIL are information technology management and IT governance frameworks,
and both are popular around the world. They were created to provide management and
guidance for IT services in businesses of all sizes. Conduct a research to answer the
following questions.

a) Identify and discuss the similarities and differences between both the governance
frameworks.

b) How does this governance frameworks benefits the business enterprises? Use any two
real world examples to explain your answer.

(Note: Use the latest version of the framework)

(1000 words)

Marking criteria

Marks will be awarded based on:

 the degree to which you demonstrate your understanding of facts, principles and
concepts;

 clarity of explanations;

 coherence and logical presentation of arguments;

 professional presentation including correct grammar and spelling; and
 writing and research skills;

Note: All sources of information must be fully referenced & in-text citation must be given.