ICTCYS606 Student Assessment Tasks 1

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Assessment Details Qualification Code/Title Assessment Type Assessment 1 Time allowed Due Date Location Term / Year Unit of Competency National Code/Title ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Student Details Student Name Student ID Student Declaration: I declare that the work submitted is my own and has not been copied or plagiarised from any person or source. Signature: ____________________________ Date: _____/_/_________ Assessor Details Assessor’s Name RESULTS (Please Circle) ☐ SATISFACTORY ☐ NOT SATISFACTORY Feedback to student: *If Student is Not Satisfactory Reassessment Required ☐ Yes ☐ No Assessor Declaration: I declare that I have conducted a fair, valid, reliable and flexible assessment with this student, and I have provided appropriate feedback. Signature: ________________________ Date: ______/_______/___________ Comment: Instructions to the Candidates  This assessment is to be completed according to the instructions given below in this document.  Should you not answer the tasks correctly, you will be given feedback on the results and gaps in knowledge. You will be entitled to one (1) resubmit in showing your competence with this unit.  If you are not sure about any aspect of this assessment, please ask for clarification from your assessor.  Please refer to the College re-submission and re-sit policy for more information.  If you have questions and other concerns that may affect your performance in the Assessment, please inform the assessor immediately.  Please read the Tasks carefully then complete all Tasks.  To be deemed competent for this unit you must achieve a satisfactory result with tasks of this Assessment along with a satisfactory result for another Assessment.  This is an Open book assessment which you will do in your own time but complete in the time designated by your assessor. Remember, that it must be your own work and if you use other sources then you must reference these appropriately  Submitted document must follow the given criteria. Font must be Times New Roman, Font size need to be 12, line spacing has to be Single line and Footer of submitted document must include Student ID, Student Name and Page Number. Document must be printed double sided.  This is Individual Assessments. Once you have completed the assessment, please provide the Hard copy of the Assessments to your Trainer/ Assessor.  Plagiarism is copying someone else’s work and submitting it as your own. Any Plagiarism will result in a mark of Not Satisfactory. SCCM uses Safe Assign Plagiarism Checker to check the originality of the student assessment. Student must be aware of and understand the SCCM’s policy on plagiarism and certify that this assignment is their own work , except where indicated by referencing, and that student have followed the good academic practices noted above. © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 1 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Introduction The assessment tasks for ICTCYS606 Evaluate an organisation’s compliance with cyber security standards and laws are outlined in the assessment plan below. These tasks have been designed to help you demonstrate the skills and knowledge that you have learnt during your course. Please ensure that you read the instructions provided with these tasks carefully. You should also follow the advice provided in the IT Works Student User Guide . The Student User Guide provides important information for you relating to completing assessment successfully. Assessment for this unit ICTCYS606 Evaluate an organisation’s compliance with cyber security standard and laws describes the skills and knowledge required to identify cyber security standards and laws and evaluate an organisation’s working practices and compliance to these standards and laws as well as determine changes required to continue compliance. For you to be assessed as competent, you must successfully complete two assessment tasks:  Assessment Task 1: Knowledge questions – You must answer all questions correctly.  Assessment Task 2: Project – You must work through a range of activities and complete a project portfolio. s © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 2 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Questions Provide answers to all the questions below: 1. Document and describe three cyber security risks. Cyber security risk Description Outcome ☐ Satisfactory ☐ Not Satisfactory Comment 2. Explain what is meant by tolerance of risk relevant to cyber security. Give examples of high, medium and low risk tolerance. Outcome ☐ Satisfactory ☐ Not Satisfactory Comment © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 4 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law 3. Complete the table below by describing the relevance of each of the following standards and laws to cyber security. Standards and laws Relevance to cyber security and risk management and web site reference Data protection and privacy - Privacy Act 1988 Notifiable data breaches - Privacy Amendment (Notifiable Data Breaches) Act 2017 Standards - Essential Eight Strategies Outcome ☐ Satisfactory ☐ Not Satisfactory Comment 4. List three examples of business process and cyber security requirements associated with these requirements. Business process Example of a cyber security requirement Outcome ☐ Satisfactory ☐ Not Satisfactory © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 5 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Comment 8. List and describe three other types cyber security incidents (including security vulnerabilities). Ransomware Data encryption leading to cost in ransom Outcome ☐ Satisfactory ☐ Not Satisfactory Comment © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 7 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Assessment Task 1: Checklist © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 8 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0 Student’s name: Did the student provide a sufficient and clear answer that addresses the suggested answer for the following? Completed successfully? Yes No Question 1 Question 2 Question 3 Question 4 Question 5 Question 6 Question 7 Question 8 Task outcome:  Satisfactory  Not satisfactory Assessor signature: Assessor name: Date: