ICTM-2021A ICT Management Essential


Knowledge Assessment 2 – Written Submission

Q1. *An organisation, including telecommunication organisations, that deals with data has certain legislative requirements, both through data protection legislation and other associated Australian privacy laws as well as established international legislations and treaties relating to cyber security in order to fulfill security aspects of the data it handles.

In this context, briefly explain
1. The Privacy Act 1988 of Australia and provide a privacy legislation related to mobile telecommunication services in Australia
2. Privacy Amendment (Notifiable Data Breaches) Bill 2016 and name the organsation that handles complaints, conducts investigations and other regulatory action with regards to the same 3. Atleast two(2) Implications of Notifiable Data Breach legislation on an organisation
4. The Budapest Convention and briefly mention how this convention will allow Australian law enforcement agencies

Q2. *You have recently been hired as a data management consultant for an organisation where your primary role would be overall supervision of operations
related to data management. In this context, name and explain with a practical example, the policy commonly found in organisation policies and procedures documents in relation to each of the following:
1. Securely storing, sharing and managing information
2. Encryption and protocols for its uses
3. Data classification and management
4. Media/document labelling
5. Data governance
6. Acceptable use of ICT resources
7. Bring your own device

Q3. *In order for Government to prevent cyberrcrimes, it needs to identify the cyber threats in existance. In this context, provide five(5) Australian government sources of information on current threats

Q4. *Cyber attacks have risks associated with workplace cyber security. Briefly explain what is a cyber threat and summarize atleast two(2) risks associated with workplace cyber security.

Q5. *Assume you are the security engineer for an organisation named SuperFastT which specialises in data storage for many of its clients. The employees at this organisation work on a fly in fly out basis. Outline three(3) strategies and three(3) techniques you would like to devise for promoting workplace cyber security at your organisation.

Q6. *Briefly explain what is meant by Cyber security awareness. and briefly explain the techniques for:
1. implementing and promoting workplace cyber security awareness
2. facilitating training that promotes cyber security awareness, including the use of simulated activities.