CIS7028 Discriminate between data management policies associated with Data Protection and the Regulation of Investigatory Powers..

CIS7028 Information Security - Cardiff Metropolitan University

Learning Outcome 1: Critically discuss the threats to information storage within a system and appreciate the main types of computer crime

Learning Outcome 2: Appraise approaches to information security and forensic investigation of prominent cyber offences;

Learning Outcome 3: Analyse the technical issues relating to the transmission and storage of data and information relating to Cloud Computing and Big Data

Learning Outcome 4: Discriminate between data management policies associated with Data Protection and the Regulation of Investigatory Powers.

Assessment Requirements

Task 1 (2000 words):Choose one of the activities described below.

Activity 1

Assume you have been hired as a security consultant by a large scale enterprise to provide them below information and recommendations. The enterprise`s Chief Information Officer (CIO) has recently come to know about ISO27001 and wants to know your opinion about alternative standards, its wider benefits to the organization, how to implement the critical elements of ISO27001 and auditing and certification process. Prepare a report covering below details.
Task 1.1 (750 words):

Alternative standards (Cyber essentials) and wider benefits of ISO27001 to the organization

Task 1.2 (1000 words):

Main clauses need to implement under ISO27001 (750 words)

Security control objectives applicable for the chosen company (250 words)
Task 1.3 (250 words):

Auditing and certification process of ISO27001