CT058-3-M-ISA (Information Security Architectures)

ASIA PACIFIC UNIVERSITY OF TECHNOLOGY & INNOVATION

CT058-3-M – ISA (Information Security Architectures)
Individual Assignment

Intake : UCMP1810
Lecturer : Dr. Maryam Shahpasand
Email ID : maryam.shahpasand@staffemail.apu.edu.my

Learning Outcomes
1. Appraise the components of information security architectures (ISA) based on organization’s
needs and requirements.
2. Compare and contrast available models and frameworks of information security and
architectures.
3. Evaluate issues in information security architectures in terms of design and implementation by
describing appropriate evaluation methods and justifying your choices.
4. Propose practical solutions in designing and implementing information security architectures
based on given scenarios.

Assignment Overview

This individual assignment will contribute 50% to the module assessment. The report must be typed with
Times New Roman font and size 12 with maximum length of 6000 words (excluding diagrams, appendixes
and references)

Scenario:
You are an IT manager in a private limited status company. Your company provides Service Integration
and Managed Security Services to multiple local and small SME organizations. Running a team of 10
engineers (4 specializing in systems, 3 in networking, and 3 in applications) who develop solutions and
administer clients’ environment, business had been good and very profitable. In recent times, the CEO of
your organization decides to venture into larger markets. In order for this, he realized the company needed
to undergo a substantial, structural transformation. The company needs to conform to international
standards in the management of information systems security. Your CEO sends you for Information
Security Management Architecture training to learn and facilitate this. You are also promoted to a CISO
role. Everything else formerly in your scope as IT manager remained the same.
As your first task, identify and investigate the potential issues in the existing design and implementation of
Information Security Architecture for the organization. Based on the research findings and the attached
sample, Analyse the independent variable, modeling techniques, evaluation criteria. Using appropriate

1
CT058-3-M-ISA (Information Security Architectures)

evaluation methods, you are required to research and evaluate these issues and risks to be presented to the
CEO, with proper justifications.

Guidelines for the Report

Document the results of your work in a professional and systematic manner and submit one soft copy and
one hard copy. Your completed documentation should meet the following requirements:

1. Table of contents for every detailed chapter/section.

2. Introduction
3. Chapters / Sections
4. Conclusion
5. References
6. Appendices

Submission requirements

1. A CD containing an electronic version of the document.

2. Your report must be typed using Microsoft Word with Times New Roman font with 1.5 spaces.

3. The report has to be well presented and should be typed.

4. Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper. Paper weight of 80 grams
and above is highly recommended.

5. The report should have a one (1”) margin all around the page as illustrated below:

1 inch 1 inch
1 inch

1 inch

The Typed Text

1 inch

1 inch

1 inch 1 inch

6. Every report must have a front cover. A transparent plastic sheet can be placed in front of the report to
protect the front cover. The front cover should have the following details:-

a) Name
b) Intake code.
c) Subject.

2
CT058-3-M-ISA (Information Security Architectures)

d) Project Title.
e) Date Assigned (the date the report was handed out).
f) Date Completed (the date the report is due to be handed in).

7. All information, figures and diagrams obtained from external sources must be referenced using the
Harvard referencing system accordingly.

Marking Scheme

The marking table must be placed on a single page, located as either the second or third page of the final
assignment documentation.

Student’s Name: __________________________

TP Number: ______________________________

Marking Criteria Weightage Marks Allocation

Assumptions 10

3
 CT058-3-M-ISA (Information Security Architectures)

Impact of the selected technique/

tool/framework on the security 15

Evaluation of Issues/ At Risk 15

Critical Analysis & Justification 20

Technical Accuracy 10

Self-development 10
Referencing 10
Presentation / Demonstration 10

Total Marks (100)

MARKING RUBRIC

Criteria 0-1.0 1.5-2.0 2.5-3.0 3.5-4.0 4.5-5.0 Weight Score

(Fail) (Marginal (Pass) (Credit) (Distinction)
Fail)

4
 CT058-3-M-ISA (Information Security Architectures)

No introduction. Incomplete Sufficient Good Very good

Objectives and introduction of quality of introduction, introduction,
scope are not the assignment. introduction. including including
clear, no Objectives, explanation explanation on
limitation. Objectives, scope and on the the objectives,
Assumptions scope and limitation of objectives, scope and
No additional limitation of the the proposed scope and limitation of the
assumptions for proposed plan plan are limitation of proposed plan
the scenario are defined. 2 10
clearly the proposed
defined plan Provides
Very limited detailed and
assumptions for Provides Provides challenging
the scenario sufficient detailed assumptions for
assumptions assumptions the scenario
for the for the
scenario scenario

Incomplete / Appropriate Good Very good Excellent

improper selection of selection of selection of selection of
selection of technique / tool technique / technique / technique / tool
technique / tool / / framework. tool / tool / / framework.
framework. Not Provides framework. framework. The students
able to provide limited Able to The student has covered
Impact of the
sound discussion discussion provide good has covered most of the
selected 3 15
regarding the regarding the discussion on most of the impacts of
technique/tool/
impact on impact on the selected impacts of selected
framework on
security security topic covers selected techniques with
the security
some impacts techniques justifications,
on security with supported by
justifications research work
(citation)

Weak evaluation Satisfactory Good Very good Excellent

of design and evaluation of evaluation of evaluation of evaluation of
implementation design and design and design and design and
issues and implementation implementati implementati implementation
evaluation issues but on issues but on issues by issues by
Evaluation of
methods were not evaluation with limited describing describing 3 15
Issues
exist methods were discussion on appropriate appropriate
rather weak evaluation evaluation evaluation
methods and methods but methods and
justifications with limited justifying the
justifications choices

5
 CT058-3-M-ISA (Information Security Architectures)

Almost no Limited Sufficient Good Very good

analysis, analysis, analysis, analysis, analysis,
comparison and comparison and comparison comparison comparison and
evaluation of evaluation of and and evaluation of
facts presented. facts. Very less evaluation of evaluation of facts. Good
Not able to critical facts. facts. Good critical
Critical
justify the plan discussion. Minimal critical discussion and
Analysis & 4 20
Limited critical discussion justification
Justification
justification of discussion. and provided, with
the plan Able to justification supporting
justify the of the plan, evidence.
plan, with but lack of
sufficient evidence
details

Incomplete Contains only Contains Contains all Contains all of

work. Missing some of the most of the of the the requested
most of the requested requested requested content
Technical requested content content content elements in the
content elements elements in the elements in elements in technical 2 10
Accuracy
in the technical technical the technical the technical discussion; with
discussion discussion discussion discussion proper
organization

No new or Some skills Sufficient Good skills Excellent level

existing skills developed skills developed, of skill
developed or not either existing developed and most of development in
Self-
much on the way or totally new according to them are relation to the 2 10
development
of totally new but in basic to the newly selected topic.
learning moderate level. appropriate acquired
undertaken level. skills

No in-text Minimal in-text Sufficient Recent source Very good

citation and very citation and number of of references quality of
minimal references used. references used, with references used,
references used. Minor issues in and citation proper with proper
Referencing Major issues in the referencing in the report. reference list. citation and 2 10
the referencing format. No issue in Limited in- reference list
format. the text citation for all facts and
referencing in the report diagrams used
format

6
 CT058-3-M-ISA (Information Security Architectures)

No presentation Late Adequate Good Very good

presentation presentation delivery, delivery,
(without notice) skills. Fair clarity and presentation is
organization organization convincing.
Lack of clarity, and flow of of
organization presentation. presentation. Demonstrate
Presentation / and flow of good ability to 2 10
Demonstration presentation. Not very Has ability to handle
good in handle questions posed
handling questions
questions and posed
answer
session

Total Marks 100