Overview
This unit provides you with a thorough understanding of the managerial aspects of information security in a business organisation. You will complement your existing knowledge of information and communication technologies by studying the organisational and management issues relevant to information security. You will learn about the importance of information security plans, security risk management and compliance monitoring, and develop and apply security policies and best practices. Through case studies, you will consider information security strategies that support business objectives while being aware of legal and ethical obligations. As a result, you will have the knowledge and skills to contribute to information security governance in accordance with standards set by governments, professional bodies and industry.
Details
Pre-requisites or Co-requisites
Prerequisite: COIT20261 Network Routing and Switching
Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).
Offerings For Term 2 - 2018
Attendance Requirements
All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).
Recommended Student Time Commitment
Each 6-credit Postgraduate unit at CQUniversity requires an overall time commitment of an average of 12.5 hours of study per week, making a total of 150 hours for the unit.
Class Timetable
Assessment Overview
Assessment Grading
This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%). Consult the University’s Grades and Results Policy for more details of interim results and final grades.
All University policies are available on the CQUniversity Policy site.
You may wish to view these policies:
- Grades and Results Policy
- Assessment Policy and Procedure (Higher Education Coursework)
- Review of Grade Procedure
- Student Academic Integrity Policy and Procedure
- Monitoring Academic Progress (MAP) Policy and Procedure – Domestic Students
- Monitoring Academic Progress (MAP) Policy and Procedure – International Students
- Student Refund and Credit Balance Policy and Procedure
- Student Feedback – Compliments and Complaints Policy and Procedure
- Information and Communications Technology Acceptable Use Policy and Procedure
This list is not an exhaustive list of all University policies. The full list of University policies are available on the CQUniversity Policy site.
Feedback, Recommendations and Responses
Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.
Feedback from Self reflection.
Difficult to understand the concepts without authentic information security management case studies.
Some authentic cases reported on information security management issues should be included in the tutorial questions for discussion.
- Analyse the information security policies and programs of organisations based on national and international standards
- Develop the guidelines for an information security policy for an organisation
- Apply information security risk standards to protect information assets in organisations
- Justify information security certification and accreditation required in relation to personnel and information security of an organisation
- Compare and contrast the laws and ethics of information security management.
- Information Management (IRMG)
- Information Security (SCTY)
- Business Risk Management (BURM);
- Continuity Management (COPL)
- Project Management (PRMG)
- Methods and Tools (METL)
Alignment of Assessment Tasks to Learning Outcomes
Assessment Tasks | Learning Outcomes | ||||
---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | |
1 - Written Assessment - 35% | |||||
2 - Group Discussion - 25% | |||||
3 - Written Assessment - 40% |
Alignment of Graduate Attributes to Learning Outcomes
Graduate Attributes | Learning Outcomes | ||||
---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | |
1 - Knowledge | |||||
2 - Communication | |||||
3 - Cognitive, technical and creative skills | |||||
4 - Research | |||||
5 - Self-management | |||||
6 - Ethical and Professional Responsibility | |||||
7 - Leadership | |||||
8 - Aboriginal and Torres Strait Islander Cultures |
Alignment of Assessment Tasks to Graduate Attributes
Assessment Tasks | Graduate Attributes | |||||||
---|---|---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | |
1 - Written Assessment - 35% | ||||||||
2 - Group Discussion - 25% | ||||||||
3 - Written Assessment - 40% |
Textbooks
Management of Information Security
Edition: 5th (2017)
Authors: Michael E. Whitman & Herbert J. Mattord
Cengage Learning
Stamford Stamford , Connecticut , USA
ISBN: 9781305501256
Binding: Hardcover
Additional Textbook Information
It is recommended that students purchase the electronic version of this book (e-book). The e-book should be purchased directly from the Publisher. To do so:
1. Browse to www.cengagebrain.com
2. Search for the book "Management of Information Security" by Whitman & Mattord, 5th edition (as detailed above).
3. From the purchase options displayed, select the e-book version. Purchasing the e-book gives 6-months access to the e-book, according to the site.
4. If you have any questions about the e-book, you need to contact the Publisher directly using the contact details given on the publisher's website.
5. If no questions, then go ahead and purchase the e-book directly from the site.
NOTE: If you prefer the printed version of the book, contact the CQU Bookshop (+61 7 4930 9421) in the first instance.
IT Resources
- CQUniversity Student Email
- Internet
- Unit Website (Moodle)
- Microsoft Office Suite
All submissions for this unit must use the referencing style: Harvard (author-date)
For further information, see the Assessment Tasks.
r.desilva@cqu.edu.au
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
5
Events and Submissions/Topic
Continuation of Group Discussion
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Continuation of Group Discussion
Module/Topic
Chapter
Events and Submissions/Topic
End of Group Discussion
Assessment Item 1 Due: Week 7 Monday (27 Aug 2018) 8:00 am AEST
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
Chapter
Events and Submissions/Topic
Contact information for Dr Rohan de Silva:
Email: r.desilva@cqu.edu.au Telephone: (02) 9324 5748 Office: Level 2, 400 Kent Street, Sydney Campus. If you have any individual queries, please email me and I'll try to get back to you within a day or so. For an individual discussion, please phone during work hours (leave a message if I'm not in and I'll return your call as soon as I can).
1 Written Assessment
This assessment task relates to the Unit Learning Outcome 2 and can be undertaken in a group of up to 4 students or individually. You will analyse the scenario given in this assessment item, develop and produce a written report on the guidelines for the given information security policy.
Distance students can form groups with on-campus students as well.
Further details of this assessment task will be provided on the Moodle unit website.
Week 7 Monday (27 Aug 2018) 8:00 am AEST
Each of you in the group must upload the same written report to Moodle as a Microsoft Office Word file by the above due date.
Week 9 Monday (10 Sept 2018)
You are assessed mainly on your ability to analyse the given scenario and develop the guidelines for the given information security policy. Please see the unit website for more specific marking criteria.
- Develop the guidelines for an information security policy for an organisation
- Knowledge
- Communication
- Cognitive, technical and creative skills
- Research
- Self-management
- Ethical and Professional Responsibility
2 Group Discussion
This assessment task relates to the Unit Learning Outcomes 1 and 5, and can be undertaken in a group of up to 4 students or individually. During weeks 3, 4, 5, 6 and 7, each one of you will contribute to your group discussion in Group Discussion Forum in Moodle by addressing the specified tasks in relation to the information security issues of the organisation in the given scenario of this assessment item.
Each one of you in the group should copy/paste your individual contributions to a Word document and upload it to Moodle by the deadline in Week 8.
Distance students can form groups with on-campus students as well. Further details of this assessment task will be provided on the Moodle unit website.
Week 8 Monday (3 Sept 2018) 8:00 am AEST
Contributions during each week from weeks 3-7 should be concluded by 11.30 pm, Friday of the respective week. Each of you in the group should copy/paste your contributions to a Word document and upload it to Moodle by the above deadline.
Week 10 Monday (17 Sept 2018)
You are assessed on your individual contributions provided to your group discussion by addressing the specified tasks in relation to the information security issues of the organisation in the given scenario in this assessment item.
Please see the unit website for more specific marking criteria.
- Analyse the information security policies and programs of organisations based on national and international standards
- Compare and contrast the laws and ethics of information security management.
- Knowledge
- Communication
- Research
- Self-management
- Ethical and Professional Responsibility
3 Written Assessment
This assessment task relates to the Unit Learning Outcomes 3 and 4, and can be undertaken in a group of up to 4 members or individually.
You will apply the principles of information security risk management as well as information security certification and accreditation to the organisation in the given scenario of this assessment item and produce a written report.
Distance students can form groups with on-campus students as well.
Further details of this assessment task will be provided on the Moodle unit website.
Week 12 Monday (1 Oct 2018) 8:00 am AEST
Each of you in the group must upload the same written report to Moodle as a Microsoft Office Word file by the above due date.
On Certification Day
You are assessed on your ability to apply the principles of information security risk management as well as information security certification and accreditation to the organisation in the given scenario.
Please see the unit website for more specific marking criteria.
- Apply information security risk standards to protect information assets in organisations
- Justify information security certification and accreditation required in relation to personnel and information security of an organisation
- Knowledge
- Communication
- Cognitive, technical and creative skills
- Research
- Self-management
- Ethical and Professional Responsibility
As a CQUniversity student you are expected to act honestly in all aspects of your academic work.
Any assessable work undertaken or submitted for review or assessment must be your own work. Assessable work is any type of work you do to meet the assessment requirements in the unit, including draft work submitted for review and feedback and final work to be assessed.
When you use the ideas, words or data of others in your assessment, you must thoroughly and clearly acknowledge the source of this information by using the correct referencing style for your unit. Using others’ work without proper acknowledgement may be considered a form of intellectual dishonesty.
Participating honestly, respectfully, responsibly, and fairly in your university study ensures the CQUniversity qualification you earn will be valued as a true indication of your individual academic achievement and will continue to receive the respect and recognition it deserves.
As a student, you are responsible for reading and following CQUniversity’s policies, including the Student Academic Integrity Policy and Procedure. This policy sets out CQUniversity’s expectations of you to act with integrity, examples of academic integrity breaches to avoid, the processes used to address alleged breaches of academic integrity, and potential penalties.
What is a breach of academic integrity?
A breach of academic integrity includes but is not limited to plagiarism, self-plagiarism, collusion, cheating, contract cheating, and academic misconduct. The Student Academic Integrity Policy and Procedure defines what these terms mean and gives examples.
Why is academic integrity important?
A breach of academic integrity may result in one or more penalties, including suspension or even expulsion from the University. It can also have negative implications for student visas and future enrolment at CQUniversity or elsewhere. Students who engage in contract cheating also risk being blackmailed by contract cheating services.
Where can I get assistance?
For academic advice and guidance, the Academic Learning Centre (ALC) can support you in becoming confident in completing assessments with integrity and of high standard.