(Organisational Systems Security)

IT & Business
Unit 7 (Organisational Systems Security)

Assignment 1
Date Set : 4/03/13

298392347.doc
Written By: Kemi Ajose
Verified By: Sharon Muncie

Review Date : 25/03/13

Date Due : 22/04/13

(Organisational Systems Security)

Learning outcomes to be partially or fully covered

On completion of this unit a learner should:

Understand the impact of potential threats to IT systems

Know how organisations can keep systems and data secure.

Understand the organisational issues affecting the security of IT

systems.

Grading criteria
To achieve the Pass criteria
7.P.1

Explain the impact of different types of threat on an organisation.

7.P.2

Describe how physical security measures can help keep systems

secure.

7.P.3

Describe how software and network security can keep systems and
data secure.

To achieve the Merit criteria

7.M.1

Discuss information security

7.M.2

Explain the operation and use of an encryption technique in ensuring

security of transmitted information.

To achieve the Distinction criteria

7.D.1

Discuss different ways of recovering from a disaster.

298392347.doc
Written By: Kemi Ajose
Verified By: Sharon Muncie

(Organisational Systems Security)

Know your threats (Part 1)

Scenario
You work as a junior technician for Your-Tech, a small IT support company
that provides software and hardware support to a number of small and
medium sized businesses.
Your-Tech receives a lot of phone calls from users about security issues so it
is hoped that having this information available to them will reduce the number
of calls. A line manager has asked you to write a short guide to IT security
threats and their impact on the organisations.
Task 1
a) Explain the impact of different types of threats on an organisation. P1
This guide should include:
Potential threats, e.g. malicious damage(internal & external), threats related
to ecommerce, counterfeit goods, technical failures, other e.g. human error,
and theft of equipment.
Malicious damage: internal, external, access causing damage, e.g. viruses.
Access without damage, specific examples e.g. phishing, identity theft,
piggybacking, hacking
Threats related to e-commerce e.g. website defacement, control of access
to data via third party suppliers; other e.g. denial of service attacks
Counterfeit Goods: products, at risk e.g. software DVDs games, music,
distribution. Mechanisms e.g. boot sales, peer to peer networks
Organisational impact: loss of service loss of business or income e.g.
through loss of customer records; increased costs; poor image
b) Discuss information security M1

Add a section to your guide that discusses information security; include

confidentiality, data integrity, data completeness and access to data.

Secure your threats (Part 2)

Scenario
You are to give a presentation to an organisation describing how to keep their
systems and data secure.
Task 2
c) Describe how physical security measures can help keep systems
secure. P2.
This should include locks, visitors passes; sign in/out systems,
biometrics e.g. retinal scans, fingerprint, voice recognition;
others e.g. guards, cable shielding
298392347.doc
Written By: Kemi Ajose
Verified By: Sharon Muncie

(Organisational Systems Security)

Discuss in your presentation all types of physical security that you have
learned.

d) Describe how software and network security can keep systems and

data secure. P3.

This should include call back, Handshaking, diskless networks,
use of backups, Audit logs, firewall configurations, Virus
checking software, use of VPNs, Intrusion detection systems,
password, Level of access to data, software updating.
e) In a report explain the way that data transmitted over a network can be

protected by encryption. M2
The techniques could include public and private key.
f)

Discuss different ways of recovering from a disaster. D1

This should include discussion of how and when e.g. backup
systems, whole system replacement, tiers of recovery could
be used.

298392347.doc
Written By: Kemi Ajose
Verified By: Sharon Muncie

(Organisational Systems Security)

Work to be submitted

A soft plastic folder with:

Unit Record Sheet

Assignment Activity Front Sheet

Title page

Contents page

Completed Tasks for assessment criteria P1, P2, P3, M1, M2 and D1.

Part 1 Report using word document that includes;

o P1: The impact of different types of threat on an organisation.
o M1: Discuss information security
o M2: Explain the operation and use of an encryption technique in
ensuring security of transmitted information.

Part 2 A PowerPoint Presentation that includes

o P2: Physical security measures can help keep systems secure.
o P3: Software and network security can keep systems and data
secure.

Bibliography, Reference, Sources and Website Page/s.

298392347.doc
Written By: Kemi Ajose
Verified By: Sharon Muncie

(Organisational Systems Security)

Recommended Sources:
Indicative reading for learners
Textbooks
Anderson, Jarvis, Kaye, Lawson, McGill, Phillips and Smith Information
Technology: BTEC Level 3 (Book 1, 2010) ISBN 978-1-846909-28-3
Beekman G and Quinn M J Computer Confluence Complete: and
Student CD 1st international edition
(Pearson Education, 2005) ISBN-10 1405835796, ISBN-13 9781405835794
Heathcote P A Level ICT revised edition (Payne Gallway, 2004)
ISBN-10 0953249085,
ISBN-13 978-0953249084

Websites
www.acm.org Association of Computing Machinery
www.bcs.org British Computing Society
www.bsa.org.uk Business Software Alliance
www.fast.org.uk Federation against Software Theft
www.ico.gov.uk Information Commissioners Office

298392347.doc
Written By: Kemi Ajose
Verified By: Sharon Muncie