ICTCYS606 Student Assessment Tasks 2 (1)

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Assessment Details Qualification Code/Title Assessment Type Assessment 2 Time allowed Due Date Location Term / Year Unit of Competency National Code/Title ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Student Details Student Name Student ID Student Declaration: I declare that the work submitted is my own and has not been copied or plagiarised from any person or source. Signature: ____________________________ Date: _____/_/_________ Assessor Details Assessor’s Name RESULTS (Please Circle) ☐ SATISFACTORY ☐ NOT SATISFACTORY Feedback to student: *If Student is Not Satisfactory Reassessment Required ☐ Yes ☐ No Assessor Declaration: I declare that I have conducted a fair, valid, reliable and flexible assessment with this student, and I have provided appropriate feedback. Signature: ________________________ Date: ______/_______/___________ Comment: Instructions to the Candidates  This assessment is to be completed according to the instructions given below in this document.  Should you not answer the tasks correctly, you will be given feedback on the results and gaps in knowledge. You will be entitled to one (1) resubmit in showing your competence with this unit.  If you are not sure about any aspect of this assessment, please ask for clarification from your assessor.  Please refer to the College re-submission and re-sit policy for more information.  If you have questions and other concerns that may affect your performance in the Assessment, please inform the assessor immediately.  Please read the Tasks carefully then complete all Tasks.  To be deemed competent for this unit you must achieve a satisfactory result with tasks of this Assessment along with a satisfactory result for another Assessment.  This is an Open book assessment which you will do in your own time but complete in the time designated by your assessor. Remember, that it must be your own work and if you use other sources then you must reference these appropriately  Submitted document must follow the given criteria. Font must be Times New Roman, Font size need to be 12, line spacing has to be Single line and Footer of submitted document must include Student ID, Student Name and Page Number. Document must be printed double sided.  This is Individual Assessments. Once you have completed the assessment, please provide the Hard copy of the Assessments to your Trainer/ Assessor.  Plagiarism is copying someone else’s work and submitting it as your own. Any Plagiarism will result in a mark of Not Satisfactory. SCCM uses Safe Assign Plagiarism Checker to check the originality of the student assessment. Student must be aware of and understand the SCCM’s policy on plagiarism and certify that this assignment is their own work , except where indicated by referencing, and that student have followed the good academic practices noted above. © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 1 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Introduction The assessment tasks for ICTCYS606 Evaluate an organisation’s compliance with cyber security standards and laws are outlined in the assessment plan below. These tasks have been designed to help you demonstrate the skills and knowledge that you have learnt during your course. Please ensure that you read the instructions provided with these tasks carefully. You should also follow the advice provided in the IT Works Student User Guide . The Student User Guide provides important information for you relating to completing assessment successfully. Assessment for this unit ICTCYS606 Evaluate an organisation’s compliance with cyber security standard and laws describes the skills and knowledge required to identify cyber security standards and laws and evaluate an organisation’s working practices and compliance to these standards and laws as well as determine changes required to continue compliance. For you to be assessed as competent, you must successfully complete two assessment tasks:  Assessment Task 1: Knowledge questions – You must answer all questions correctly.  Assessment Task 2: Project – You must work through a range of activities and complete a project portfolio. © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 2 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Activities Complete the following activities: 1. Carefully read the following: This assessment tasks requires you to identify cyber security standards and laws and based on this evaluate an organisation’s compliance with these, as well as changes that are required. This project can be based on the case study business in the ICTCYS606 simulation pack or you may like to base this on your own business, or a business you are currently working for or are familiar with. Speak to your assessor to get approval if you want to base this on your own business or one you work for. 1. Planning Make sure you are familiar with the business you are basing this assessment on and have read through the necessary background information and policies and procedures. For the case study business, this is all of the documents included in the ICTCYS606 simulation pack. If it’s your own business or a business where you are working or are familiar with, it’s important at this step that you have your business or case study approved by your assessor. Complete Page 4 of your Project Portfolio for this unit. Read through the requirements of Section 1, 2, 3 and 4 of your Project Portfolio . 2. Research You are now to complete Section 1 of your Project Portfolio . When you complete Section 1, you need to:  Research and report on standards and laws relevant to cyber security and the organisation’s operations.  Review and report on the organisation’s existing cyber security compliance strategies.  Determine the time period during which you will evaluate compliance with cyber security standards and laws, as well as benchmarks. Complete Section 1 of your Portfolio. © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 4 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law 3. Compliance assessment preparation You are now to prepare to conduct your compliance assessment. Assume that you have been instructed to focus your compliance assessment on;  Surveying employees to find out their knowledge on security and compliance issues.  Reviewing the company’s cyber security policy and procedures. To survey employees, you will need to develop a number of questions to find out about knowledge of cyber security and compliance issues. Develop your questions for use in the next activity. Note these questions down in your Section 2 of your Portfolio. 4. Compliance assessment You are now to conduct your compliance assessment. First of all conduct your survey of employees. If you are completing this in your RTO this will be in a roundtable discussion with a small group of students ( 4 – 5 students) who are also studying this unit. Each person will ask questions about other students’ knowledge of cyber security and compliance issues. Make notes on the discussion for use in the next assessment. If you are completing this at work, you may survey employees in any appropriate way such as through a meeting or survey. Following the survey of employees, you are also to review and evaluate the Cyber Security Policy and Procedures. You may either review the Cyber Security Policy and Procedure in the simulation pack or your workplace’s procedure. Complete Section 3 of your Portfolio to report on your findings. Your findings should include areas of non-compliance/near misses as relevant. 5. Compliance strategy Now that you have completed your compliance assessment, you are to develop a strategy to address compliance requirements and to ensure that the organisation is continually meeting its obligations. Once you have developed your Strategy, submit your Portfolio to your assessor and request feedback (follow the instructions in your Portfolio. You will also need to document their feedback and respond to it before finalising your Portfolio and submitting it to your assessor. Submit Section 4 of your Portfolio on completion of all of the above. © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 5 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Assessment Task 2: Checklist Student’s name: Did the student: Completed successfully? Comments Yes No Identify standards and laws required for the organisation’s cyber security operations and summarise findings? Analyse cyber security laws and standards and how these relate to the organisation’s cyber operations? Obtain and analyse organisation’s existing cyber security compliance strategies? Document analysis of cyber security compliance strategies review? Determine the time period for undertaking the compliance evaluation, as well as the benchmarks that will be used? Conduct compliance assessment following instructions provided? Document the findings of the compliance assessment findings in the Portfolio? Identify and document areas of non- compliance and near misses? Develop and document all compliance requirements? Develop an ongoing evaluation strategy for cyber security? Submit requirements to assessor? Submit all documents and seek and respond to feedback? Task outcome:  Satisfactory  Not satisfactory Assessor signature: Assessor name: Date: Student Overall Assessment Record Sheet This form is to be completed by the assessor and used a final record of student competency. © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 7 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0

ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law All student submissions including any associated checklists (outlined below) are to be attached to this cover sheet before placing on the students file. Student results are not to be entered onto the Student Database unless all relevant paperwork is completed and attached to this form. Qualification Code and Title Student Name: Student ID No: Final Completion Date: Unit Code and Title ICTCYS606 Evaluate an organisation’s compliance with relevant cyber security standards and law Term Year Date Assessed Please attach the following documentation to this form Result Assessment 1 ☒ Knowledge Questions ☐ S ☐ NYS ☐ DNS Assessment 2 ☒ Project Portfolio ☐ S ☐ NYS ☐ DNS Final Assessment Result for this unit ☐ C ☐ NYC C=Competent NYC= Not Yet Competent S= Satisfactory NYS= Not Yet Satisfactory DNS= Did Not Submit Feedback: Any Adjustment Made to The Assessment: Student Declaration: I declare that this work has been completed by me honestly and with integrity and that I have been assessed in a fair and flexible manner. I understand that the Institute’s Student Assessment, Reassessment and Repeating Units of Competency Guidelines apply to these assessment tasks. Name : ____________________________ ________________ Signature: _________________________________________ Date: ____/_____/_____ Assessor Declaration: I declare that I have conducted a fair, valid, reliable and flexible assessment with this student, and I have provided appropriate feedback. Name: _________________________________ Signature: ______________________________ Date: ____/_____/_____ Administrative use only Entered onto Student Management Database  ________________ Date Initials © Sydney City College of Management Pty Ltd RTO: 45203 CRICOS: 03620C Date Revision date Version Page 8 of 8 File Name: ICTCYS606 Student Assessment April 2023 April 2024 1.0