Overview
This advanced management unit provides postgraduate networks and information security students with a thorough understanding of the concepts, processes and controls for the assurance of information security within a business organisation. The unit builds on student’s prior knowledge of the measures associated with the protection of an organisation’s information infrastructure assets and the most cost-effective and appropriate ways of planning and implementing these measures. Drawing on the fundamental premise that information security is a management issue, and not a technical one alone, the unit covers areas of information security planning, governance, policies, best practices, risk management, compliance, personnel, law and ethics. The unit qualifies the student to apply the gained knowledge and skills to real world situations, and in accordance with standards set by governments, professional bodies and industry.
Details
Pre-requisites or Co-requisites
Prerequisite: COIT20261 Network Routing and Switching
Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).
Offerings For Term 3 - 2017
Attendance Requirements
All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).
Recommended Student Time Commitment
Each 6-credit Postgraduate unit at CQUniversity requires an overall time commitment of an average of 12.5 hours of study per week, making a total of 150 hours for the unit.
Class Timetable
Assessment Overview
Assessment Grading
This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%). Consult the University’s Grades and Results Policy for more details of interim results and final grades.
All University policies are available on the CQUniversity Policy site.
You may wish to view these policies:
- Grades and Results Policy
- Assessment Policy and Procedure (Higher Education Coursework)
- Review of Grade Procedure
- Student Academic Integrity Policy and Procedure
- Monitoring Academic Progress (MAP) Policy and Procedure – Domestic Students
- Monitoring Academic Progress (MAP) Policy and Procedure – International Students
- Student Refund and Credit Balance Policy and Procedure
- Student Feedback – Compliments and Complaints Policy and Procedure
- Information and Communications Technology Acceptable Use Policy and Procedure
This list is not an exhaustive list of all University policies. The full list of University policies are available on the CQUniversity Policy site.
Feedback, Recommendations and Responses
Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.
Feedback from Review by Unit Coordinator
The number of PowerPoint slides of week 12 is too high.
Summarise and reduce the number of PowerPoint slides.
- Explain how information security management fits into general business management.
- Analyse the information security domain both in respect of security policy and security application.
- Examine the dominant information security blueprints, methods, processes and models, within the framework of national and international standards.
- Research emerging trends in the certification and accreditation of information security systems in Australia and other countries.
- Analyse various risk theories and how these will be applied to the protection of information assets.
- Critically evaluate and reflect on ethical issues that relate to the practice of information security.
- Compare and contrast current laws, regulations, and relevant professional organisations.
- Information Management (IRMG)
- Information Security (SCTY)
- Business Risk Management (BURM);
- Continuity Management (COPL)
- Data Management (DATM)
- Methods and Tools (METL)
Alignment of Assessment Tasks to Learning Outcomes
Assessment Tasks | Learning Outcomes | ||||||
---|---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 | |
1 - Group Discussion - 15% | |||||||
2 - Practical and Written Assessment - 35% | |||||||
3 - Group Discussion - 10% | |||||||
4 - Practical and Written Assessment - 40% |
Alignment of Graduate Attributes to Learning Outcomes
Graduate Attributes | Learning Outcomes | ||||||
---|---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 | |
1 - Knowledge | |||||||
2 - Communication | |||||||
3 - Cognitive, technical and creative skills | |||||||
4 - Research | |||||||
5 - Self-management | |||||||
6 - Ethical and Professional Responsibility | |||||||
7 - Leadership | |||||||
8 - Aboriginal and Torres Strait Islander Cultures |
Alignment of Assessment Tasks to Graduate Attributes
Assessment Tasks | Graduate Attributes | |||||||
---|---|---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | |
1 - Group Discussion - 15% | ||||||||
2 - Practical and Written Assessment - 35% | ||||||||
3 - Group Discussion - 10% | ||||||||
4 - Practical and Written Assessment - 40% |
Textbooks
Management of Information Security
Edition: 5th (2017)
Authors: Michael E. Whitman & Herbert J. Mattord
Cengage Learning
Stamford Stamford , Connecticut , USA
ISBN: 9781305501256
Binding: Hardcover
Additional Textbook Information
It is recommended that students purchase the electronic version of this book (e-book). The e-book should be purchased directly from the Publisher. To do so:
1. Browse to www.cengagebrain.com
2. Search for the book "Management of Information Security" by Whitman & Mattord, 5th edition (as detailed above).
3. From the purchase options displayed, select the e-book version. Purchasing the e-book gives 6-months access to the e-book, according to the site.
4. If you have any questions about the e-book, you need to contact the Publisher directly using the contact details given on the publisher's website.
5. If no questions, then go ahead and purchase the e-book directly from the site.
NOTE: If you prefer the printed version of the book, contact the CQU Bookshop (+61 7 4930 9421) in the first instance.
IT Resources
- CQUniversity Student Email
- Internet
- Unit Website (Moodle)
All submissions for this unit must use the referencing style: Harvard (author-date)
For further information, see the Assessment Tasks.
k.petrus@cqu.edu.au
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Group Discussion I Due: Week 6 Friday (22 Dec 2017) 11:30 pm AEST
Module/Topic
Chapter
Events and Submissions/Topic
Written Assessment 1 Due: Week 7 Friday (5 Jan 2018) 1:30 pm AEST
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Group Discussion II Due: Week 10 Friday (26 Jan 2018) 11:30 pm AEST
Module/Topic
Chapter
Events and Submissions/Topic
Written Assessment 2 Due: Week 11 Friday (2 Feb 2018) 11:30 pm AEST
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Contact information for Dr Khaleel Petrus:
Email: k.petrus@cqu.edu.au Office: Level 20, 160 Ann Street, Brisbane Campus. Please submit questions about the course through the 'Q&A' discussion forum in Moodle, so that everyone can benefit from the questions and answers. If you have any individual queries, please email me and I'll try to get back to you within a day or so. For an individual discussion, please email me and we will make arrangement.
1 Group Discussion
This assessment task has a group discussion and a video presentation of the outcome of the discussion. In their groups of up to 4 members, the students will discuss the specified information security issues of the organisation in the given scenario in relation to the Unit Learning Outcomes 4 and 7. The students need to contribute to their group discussion in Group Discussion I Forum in Moodle during weeks 3, 4 and 5. Each student should copy/paste their discussions to a Word document and upload the latter to Moodle by the deadline in Week 6. Also, they need to individually prepare and upload a very brief video (5 min max.) to YouTube and provide the link in the Word document. Distance students can form groups with on-campus students as well. Further details of this assessment task will be provided on the Moodle unit webpage.
Week 6 Friday (22 Dec 2017) 11:30 pm AEST
Contributions during each week from weeks 3-5 should be concluded by 11.30 pm, Friday of the respective week. The contributions of each student should be copy/pasted to a Word document and uploaded to Moodle by the above deadline. Recorded video presentation should be uploaded to YouTube and the link to the video should be provided in the Word document.
Week 8 Friday (12 Jan 2018)
In this assessment task, the students are assessed against their ability to discuss the information security issues of the organisation in the given scenario in relation to the Unit Learning Outcomes 4 and 7. Please see the unit website for more specific marking criteria.
- Research emerging trends in the certification and accreditation of information security systems in Australia and other countries.
- Compare and contrast current laws, regulations, and relevant professional organisations.
- Knowledge
- Communication
- Research
- Self-management
- Ethical and Professional Responsibility
2 Practical and Written Assessment
This assessment task relates to the Unit Learning Outcomes 1 and 2, and can be undertaken in a group of up to 4 members or individually. Each student will analyse the given scenario and develop an information security policy, either individually or through discussions with other students in their group. Distance students can form groups with on-campus students as well. Further details of this assessment task will be provided on the Moodle unit webpage.
Week 7 Friday (5 Jan 2018) 1:30 pm AEST
The written report (Microsoft Word file) should be uploaded to Moodle by each student by the above due date.
Week 9 Friday (19 Jan 2018)
The students are assessed against their ability to analyse the given scenario and develop an information security policy. Please see the unit website for more specific marking criteria.
- Explain how information security management fits into general business management.
- Analyse the information security domain both in respect of security policy and security application.
- Knowledge
- Communication
- Cognitive, technical and creative skills
- Research
3 Group Discussion
In their groups of up to 4 members, the students will discuss the information security risk management issues of the organisation in the given scenario in relation to the Unit Learning Outcome 3. The students need to contribute to their group discussion in Group Discussion II Forum in Moodle during weeks 8, 9 and 10. Each student should copy/paste their discussions to a Word document and upload it to Moodle by the deadline in Week 10. Distance students can form groups with on-campus students as well. Further details of this assessment task will be provided on the Moodle unit webpage.
Week 10 Friday (26 Jan 2018) 11:30 pm AEST
Contributions during each week from weeks 8-10 should be concluded by 11.30 pm, Friday of the respective week. The contributions of each student should be copy/pasted to a Word document and uploaded to Moodle by the above deadline.
Week 12 Friday (9 Feb 2018)
In this assessment task, the students are assessed against their ability to discuss the information security risk management issues of the organisation in the given scenario in relation to the Unit Learning Outcome 3. Please see the unit website for more specific marking criteria.
- Examine the dominant information security blueprints, methods, processes and models, within the framework of national and international standards.
- Knowledge
- Communication
- Cognitive, technical and creative skills
- Self-management
4 Practical and Written Assessment
This assessment task relates to the Unit Learning Outcomes 5 and 6, and can be undertaken in a group of up to 4 members or individually. The students will need to apply the principles of information security risk management to the organisation in the given scenario and produce a written report. Distance students can form groups with on-campus students as well. Further details of this assessment task will be provided on the Moodle unit webpage.
Week 11 Friday (2 Feb 2018) 11:30 pm AEST
The written report (Microsoft Word file) should be uploaded to Moodle by each student by the above due date.
On Certification Day.
The students are assessed against their ability to apply the principles of information security risk management to the organisation in the given scenario. Please see the unit website for more specific marking criteria.
- Analyse various risk theories and how these will be applied to the protection of information assets.
- Critically evaluate and reflect on ethical issues that relate to the practice of information security.
- Knowledge
- Communication
- Cognitive, technical and creative skills
- Research
As a CQUniversity student you are expected to act honestly in all aspects of your academic work.
Any assessable work undertaken or submitted for review or assessment must be your own work. Assessable work is any type of work you do to meet the assessment requirements in the unit, including draft work submitted for review and feedback and final work to be assessed.
When you use the ideas, words or data of others in your assessment, you must thoroughly and clearly acknowledge the source of this information by using the correct referencing style for your unit. Using others’ work without proper acknowledgement may be considered a form of intellectual dishonesty.
Participating honestly, respectfully, responsibly, and fairly in your university study ensures the CQUniversity qualification you earn will be valued as a true indication of your individual academic achievement and will continue to receive the respect and recognition it deserves.
As a student, you are responsible for reading and following CQUniversity’s policies, including the Student Academic Integrity Policy and Procedure. This policy sets out CQUniversity’s expectations of you to act with integrity, examples of academic integrity breaches to avoid, the processes used to address alleged breaches of academic integrity, and potential penalties.
What is a breach of academic integrity?
A breach of academic integrity includes but is not limited to plagiarism, self-plagiarism, collusion, cheating, contract cheating, and academic misconduct. The Student Academic Integrity Policy and Procedure defines what these terms mean and gives examples.
Why is academic integrity important?
A breach of academic integrity may result in one or more penalties, including suspension or even expulsion from the University. It can also have negative implications for student visas and future enrolment at CQUniversity or elsewhere. Students who engage in contract cheating also risk being blackmailed by contract cheating services.
Where can I get assistance?
For academic advice and guidance, the Academic Learning Centre (ALC) can support you in becoming confident in completing assessments with integrity and of high standard.