ISYS6002: Assessment 2
ISYS6002 | Assessment 2 1
| Task: | Case Study |
| Unit Objectives: LO1, LO2, LO3, LO4 | |
| Due Date: Weight: |
Friday Week 6, 11:59 pm 50% |
Description:
This assessment item has been designed to assess
your knowledge and practical skills you have
acquired as you progress through the unit. You
should begin preparing for this assessment from
week 1. The Case Study is multifaceted and
challenging. You will be required to consult
additional task resources on MySCU as you
progress through each step of this assessment.
Task Background:
You are a cybersecurity professional employed with
one of the ‘big 4’ consulting companies (e.g., Deloitte,
EY, PWC, KPMG) working with a portfolio of clients
from different sectors (e.g., banking, education,
government, retail). You will be required to provide
professional cybersecurity advice to these clients.
You will be advised as to your client by your tutor.
Your clients all have significant online presence and
many work in a high-risk environment. The threats of
cyber-attacks are ever present, and the need to
secure electronic data, online ordering and billing
services, customer and employee data,
communications with customers; all aspects of their
business, is critical for your clients ongoing viability.
As part of your engagement with any client you ask
them to respond to some general questions (a ‘cyber
audit’), in order to scope how this company is initially
viewing cyber security. Some suggested questions
are found in the appendix of this document and
further tasks will be found, and updated, on MySCU.
Note: Your client will be your tutor and you will have
deadlines to meet in asking them questions for the
audit and subsequent tasks thereafter.
Marking Criteria:
The rubric for this assignment is available on the
MySCU site and will give the criteria for marking. Also
see the appendix for more information.
Submission details and extension policy:
When you have completed the
assignment, you are required
to submit your assignment in
the PDF/DOC format as per previous assessments.
Students wanting an extension must make an
application via the designated portal and the request
and in line with University policy
(https://www.scu.edu.au/current-students/studentadministration/special-consideration/).
A penalty of 5% of the total available grade will
accrue for each 24-hour period that an assessment
item is submitted late. Therefore, an assessment
item worth 40 marks will have 2 marks deducted for
every 24-hour period and at the end of 20 days will
receive 0 marks. Students who fail to submit
following the guidelines will be deemed to have not
submitted the assessment item and the above
penalty will be applied until the specified submission
guidelines are followed.
Getting Help:
This is your opportunity to apply your acquired
knowledge and display your understanding of the
fundamental concepts in the unit.
Since you are mastering fundamental skills, you are
permitted to work from the resources provided (and
others you find), but you must acknowledge direct
sources of information or assistance. This diagram
will help you understand where you can get help:
| Encouraged | Attribution Required |
| Not acceptable | Ask tutor |
Be aware if you do get help from one of the red
sources, you are at risk of failing the assignment, or
the unit.
Lecturer Tutors Online Resources Relatives
Students outside
unit
Contracted/Hired
help Classmates Private Tutors
Other
ISYS6002: Assessment 2
ISYS6002 | Assessment 2 1
Appendix A
Please not these cyber audit questions are
suggestions only. For you to be successful in this
case study and achieve higher grades, using
knowledge you acquire in the unit you will also be
expected to edit, refine and develop your own
questions.
• Describe your company in terms of the
goods and/or services that are available,
processing times for orders, number of
employees, and number of offices in
Australia.
• Why is your company implementing
cybersecurity?
• Is your company implementing cyber
security in each location/branch?
• How is your company addressing cyber
security policies and procedures?
• What are your general thoughts, and what
are you doing towards cyber security
prevention and defence strategies?
• Describe how a cyber security event may be
handled?
• Describe how you will be using antivirus. Will
office devices be updated with a USB, auto
update from the anti-virus provider (e.g.,
cloud) or using an updating service?
• How will the company address controlling
and monitoring safe internet use?
• Describe how you would backup and restore
the company’s network?