1 | P a g e
ACCG8086 Cybersecurity, Governance Frameworks and Ethics
Strategy Cybersecurity Roadmap/Plan for the Board
Due Week 7 (Sunday 26 April 2020)
Value: 30 per cent of final marks
Updated COVID-19 25 March 2020
The assessment task aim is to develop a Cybersecurity Roadmap/Plan for Board members targeted for a specific company.
Instructions
1. Download and Read the Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 National Institute of Standards
and Technology (NIST) (available here: https://www.nist.gov/cyberframework/framework). The Framework is designed to be a key part of an
organisation’s systematic process for identifying, assessing, and managing cybersecurity risk.
2. Find a recent (2019/2020) case study relating to a data breach (this website might be useful: https://www.databreachtoday.com/cybercrime-c-
416). Investigate the breach (including finding other sources) and explain why you selected the case study, who was responsible for the
breach, the consequences and actions taken.
3. Develop a cybersecurity roadmap/plan for the case study organisation you selected to present to the Board. Use the relevant components of
the Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 National Institute of Standards and Technology to structure
your report (justify your selection of components).
4. Using the roadmap/plan critically evaluate how your case study organisation could have avoided the breach.
Report Requirements
1. Write a report that addresses the areas outlined above. The report should not exceed 3,000 words (between 6 and 8 pages depending on the Font
style selected). The word count excludes the reference list, title page, table of contents and appendices – if applicable. The report should be in 12-point
font, single-spaced in word processing software such as Microsoft Word. The report should have appropriate headings and subheadings (including a
cover page, an introduction and conclusion).
2. This report must use scholarly articles to support any claims you make. You must use the Harvard referencing style (see
http://libguides.mq.edu.au/Referencing).
3. Take advantage of the resources available to you. Learning skills workshops https://students.mq.edu.au/support/study/skillsdevelopment/workshop-calendar are highly recommended. Other resources are available here: https://students.mq.edu.au/support/study/skillsdevelopment.
4. Review the marking rubric so that you understand how you will receive feedback.
5. You need to upload your assignment to http://ilearn.mq.edu.au by 23:00 26th April. Otherwise, your assignment will be considered late (see unit
guide for penalties).
2 | P a g e
ACCG8086 Cybersecurity, Governance Frameworks and Ethics
Strategy Cybersecurity Roadmap/Plan for the Board
Due Week 7 (Sunday 26 April 2020)
Value: 30 per cent of final marks
Updated COVID-19 25 March 2020
| Fail (0) | Fail | Pass | Credit | Distinction | High Distinction | Total | |
| Structure and clarity of work/ writing structure (including spelling/grammar/ paragraph structure) |
No attempt, or The report is difficult to comprehend and is inappropriately structured. |
Paragraphs are hard to follow, and the writing does not flow because of the lack of structure. Writing is very choppy. There are few to no transition statements which connect the ideas in work. Work is difficult to comprehend because of grammar and spelling errors or there are many incomplete or run on sentences. It appears that grammar and spell-check were not used. |
Many paragraphs lack a topic sentence, or the detail sentences do not flow from the topic sentence. Detail sentences do not follow the order introduced in the topic sentence. Work is hard to follow because of the paragraph structure. The writing is choppy, and the reader doesn’t understand how we got to the current topic or concept from the previous one. There are many errors in grammar and spelling. It appears that grammar and spell check were not used — incomplete or run-on sentences throughout the report. |
Nearly all paragraphs have a topic sentence and detail sentences which flesh out the topic. Some paragraphs do not flesh out the topic in the order introduced in the topic sentence. There are some places where the reader doesn’t understand how the previous concept or topic connects to the current one. Few errors in grammar, spelling, or sentence structure |
All paragraphs have a topic sentence. Detail sentences flesh out the information from the topic sentence in the order introduced in the topic sentence. End of paragraph leads into the next topic. There are some places where the reader doesn’t understand how the previous concept or topic connects to the current one. Excellence in grammar, spelling, and sentence structure. Sentences are not too long and are complete sentences. |
All paragraphs have a topic sentence. Detail sentences flesh out the information from the topic sentence in the order introduced in the topic sentence. End of paragraph leads into the next topic. The reader experiences no interruption to the flow and understands how each concept or topic connects to the previous one — excellence in grammar, spelling, and sentence structure. Sentences are not too long and are complete sentences. |
/4 |
| Case Study | No attempt, or The case is inappropriate, or there is no analyse or link to cybersecurity |
The case is irrelevant, with little or no analysis of the issues in the case study. |
The case selected is slightly relevant. Presents a superficial or incomplete analysis of some of the identified issues; omits some components. |
The case selected is relevant. Presents a good analysis of most of the issues identified; missing some necessary components. |
The case selected is relevant. Presents a thorough analysis of all identified issues/problems; includes all necessary components. |
The case selected is relevant. Presents an insightful and thorough analysis of all identified issues/problems; includes all necessary components. |
/6 |
3 | P a g e
ACCG8086 Cybersecurity, Governance Frameworks and Ethics
Strategy Cybersecurity Roadmap/Plan for the Board
Due Week 7 (Sunday 26 April 2020)
Value: 30 per cent of final marks
Updated COVID-19 25 March 2020
| Sources and Citations |
No attempt, or The sources are cited inconsistently or not at all. The Harvard referencing style is not used. |
Fewer than five current sources or fewer than two of five are peer reviewed journal articles or scholarly books. Not all web sites utilised are credible, and/or sources are not current. Does not cite data obtained from other sources or use the Harvard citation style in text or in the reference list. |
More than five current sources of which at least two are peer review journal articles or scholarly books. All web sites utilised are authoritative. All data obtained from other sources is cited. Harvard citation style is used in both intext and reference list. |
More than six current sources, of which at least three are peer-review journal articles or scholarly books. All web sites utilised are authoritative. Cites all data obtained from other sources. Harvard citation style is used in both intext and reference list. |
More than eight current sources, of which at least four are peer-review journal articles or scholarly books. All web sites utilised are authoritative. Cites all data obtained from other sources. Harvard citation style is used in both intext and reference list. |
More than ten current sources, of which at least six are peer review journal articles or scholarly books. Sources include both general background sources and specialised sources. Special interest sources and popular literature are acknowledged as such if they are cited. All web sites utilised are authoritative. Cites all data obtained from other sources. Harvard citation style is used in both text and reference list |
/4 |
| Strategic Security Roadmap |
No attempt, or The roadmap/plan shows no evidence of synthesis of ideas presented and insights gained throughout the report or linked to the NIST framework. |
The roadmap/plan does not clearly flow from the report, and/or misses key issues. The roadmap is not well organised and is not presented in a clear format relating to the NIST framework. |
The roadmap/plan shows little evidence of synthesis of ideas presented and insights gained from the report. Some conclusions flow from the report but miss key issues. The format is unclear and partially aligns with the NIST framework. |
The roadmap/plan shows some evidence of synthesis of ideas presented and insights gained throughout the report. The roadmap/plan logically flows from the report, but the logic may not always be clear. They are presented in a clear format and aligns with the components of the NIST framework. |
The roadmap/plan shows good evidence of synthesis of ideas presented and insights gained throughout the report. Conclusions logically flow from the report. They are presented in a clear format that align with justified components of the NIST framework. |
The roadmap/plan shows strong evidence of synthesis of ideas presented and insights gained throughout the report. Conclusions logically flow from the report fully developed. Conclusions are presented in a clear format aligned with appropriately justified NIST framework components. |
/10 |
4 | P a g e
ACCG8086 Cybersecurity, Governance Frameworks and Ethics
Strategy Cybersecurity Roadmap/Plan for the Board
Due Week 7 (Sunday 26 April 2020)
Value: 30 per cent of final marks
Updated COVID-19 25 March 2020
| Critically evaluate Case Study |
No attempt, or The evaluation shows a lack of understanding of cyber security concepts. |
Copies information without analysis of risks. The evaluation does not demonstrate that the author has fully understood and applied cyber security concepts. The position taken may be simplistic and obvious. Little or no awareness that position may have limits or context. |
The analysis is limited, somewhat inappropriate or little analysis of risks. May contain inaccuracies or omissions that interfere with analysis and/or meaning. The evaluation demonstrates that the author understands cyber security concepts. The evaluation is somewhat simplified, with some sense of multiple approaches. Minor or vague synthesis of perspectives. Some acknowledgement that the position taken may have limits. May not acknowledge context. |
The information is analysed for accuracy, relevance and validity relating to risks. Minor inaccuracies or omissions may interfere with analysis or meaning. The evaluation demonstrates that the author has applied cyber security concepts. The author acknowledges multiple approaches. Some synthesis of perspectives. May not fully acknowledge limits of position or context, but is aware of limits or context. |
The information is analysed for accuracy, relevance and validity relating to risks. Minor inaccuracies or omissions do not interfere with analysis or meaning. The evaluation demonstrates that the author has synthesized limited cyber security concepts. The author acknowledges multiple approaches. The author may not fully acknowledge limits of position or context, but is aware of limits or context. |
Clearly analyses information for accuracy, relevance, and validity relating to risks. Information clearly relates to meaning. The evaluation demonstrates that the author has synthesized various cyber security concepts. The author clearly applies a multidimensional approach by synthesizing various perspectives. Acknowledges limits of position or context. |
/6 |
| Total Points: | /30 |
The post ACCG8086 Cybersecurity appeared first on My Assignment Online.