This assignment assesses your understanding in relation to three course objectives:
1. analyse information security vulnerabilities and threats and determine appropriate controls
that can be applied to mitigate the potential risks
2. explain why continual improvement is necessary to maintain reasonably secure
information systems and IT infrastructure and to describe the role of disaster recovery and
business continuity plans in recovering information and operational systems when systems
and hardware fail
4. demonstrate an ability to communicate effectively both written and orally about the
management of information security in organisations.
This assignment relates to the topics covered in modules 1 to 11. This assignment can be
completed by a team of two students or as an individual assignment. If you wish to work in a
Team of two students, you will need to contact the Course examiner and/or Tutor and provide
your student no and full student name via email at least two weeks in advance of the due date
for this Assignment 2. Each team member or if a student is completing this assignment as an
individual will be required to keep a reflective journal of their activities and progress related
to completing this assignment 2. A journal will form part of the assessment for this assignment. In
date order clearly list the following journal entries in a Table:
? Team member (s) responsible
? date of research activity/discussion
? topics researched or discussed
? time duration of activity
? reflection on contribution of activity/discussion to completion of assignment 3
This journal for each team member or for an individual if you completing this assignment on your
own needs to be included as an appendix to the Assignment 2 Report. Any reference to web pages
and on line resources such as white papers, blogs, wikis etc. should be listed at the end of the