ASSIGNMENT Qualification BTEC HND Diploma in Computing and Systems Development Unit number and title Unit 5: Security Assignment due December 26, 2018 Assignment submitted Learner’s name Assessor name Phan Minh Tam Learner declaration: I certify that the work submitted for this assignment is my own and research sources are fully acknowledged Learner signature Date Grading grid P5 P6 P7 Assignment title P8 M3 M4 M5 D2 D3 Assignment 2: In this assignment, you will have opportunities to provide evidence against the following criteria Indicate the page numbers where the evidence can be found December 26, 2018 Assessment criteria Expected evidence Task no LO3: Review mechanisms to control organisational IT security P5 Discuss risk assessment procedures P6 Explain data protection processes and regulations as applicable to an organisation Describe steps in a vulnerability assessment List in detail the actions under each step and what should expect in the assessment Discuss about the basic steps in securing a host system, why it is important, what antimalware software should be considered, etc Discuss about network security, include what it is, why it is important, and how it can be achieved using network devices, technologies, and design elements LO4 Manage organisational security P7 Design and implement a security policy for an organisation Explains what a security policy is, the security policy cycle, and the steps in developing a security policy Is the wireless network you own as secure as it should be? Examine your wireless network or that of a friend or neighbor and determine which security model it uses Next, outline the steps it would take to move it to the next highest level Assessor’s Feedback Estimate how much it would cost and how much time it would take to increase the level P8 List the main components of an organisational disaster recovery plan, justifying the reasons for inclusion Select four risks that your school or organization may face and develop a brief business continuity plan Assessment criteria Merit descriptor No (M3) Summarise the ISO 31000 risk management methodology and its application in IT security Merit descriptor No (M4) Discuss possible impacts to organisational security resulting from an IT security audit Merit descriptor No (M5) Discuss the roles of stakeholders in the organisation to implement security audit recommendations Expected Evidence Feedback (note on Merit/Distinction if applicable) Distinction descriptor No (D2) Consider how IT security can be aligned with organisational policy, detailing the security impact of any misalignment Distinction descriptor No (D3) Evaluate the suitability of the tools used in an organisational policy Summative feedbacks: Assessor’s Signature: Date: December 30, 2018 ... security P7 Design and implement a security policy for an organisation Explains what a security policy is, the security policy cycle, and the steps in developing a security policy Is the wireless... management methodology and its application in IT security Merit descriptor No (M4) Discuss possible impacts to organisational security resulting from an IT security audit Merit descriptor No (M5) Discuss... organisation to implement security audit recommendations Expected Evidence Feedback (note on Merit/Distinction if applicable) Distinction descriptor No (D2) Consider how IT security can be aligned