Programme HND in Computing

Student Name

ANC ID

Unit Number and Title Unit 05: Security

Academic Year 2023 – FA23

Unit Tutor

Assignment Title Secure 2030: Security sector training event

Issue Date 18/11/2023

Submission Date 30/01/2024

Submitted on

Higher National Diploma in Computing

Student Declaration

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the
consequences of plagiarism. I understand that making a false declaration is a form of
malpractice.

Student signature: Date:

Final Grade
Grade: Assessor Signature: Date:

Assessor Feedback:

Grade: Assessor Signature: Date:

Internal Verifier’s Comments:

Signature & Date:

Submission Guidelines

1. Use the cover page provided in the previous page as your cover sheet for the
assignment you will be submitting and ensure that all the details are accurately filled. All
assignments should have the submitted with the above cover page which is properly
filled.
2. Attach the assignment brief as the first section of your assignment (Including the
assignment criteria, summative feedback from and grading rubric).
3. Use an appropriate word processing software to develop your assignment.
4. Use A4 size pages for your assignments.
5. Use font size 11 if you are using Arial font and font size 12 if you are using Times New
Roman font for the body of your assignment.
6. Use font size 13 (bold) if you are using Arial font and font size 14 (bold) if you are
using Times New Roman font for Main headings. For Sub-Headings use font size 12
(bold) if you are using Arial font and font size 12 (bold) if you are using Times New
Roman.
7. Use black text on a white background. Avoid coloured backgrounds or text in a colour
other than black, unless you have special permission to use them.
8. Use 1.5 line spacing and 2.53 cm (1”) wide margins on all sides.
9. Justify your work (Ctrl+J).
10. Insert a footer on each page (except the title page) using font size 10 if you are using
Times New Roman and font size 8 if you are using Arial font. Include the following
details in the footer; Full Name, Student ID, Unit and the Page Number.
11. Avoid using page borders in your assignment body.

Important

1. All submissions should accompany a Turnitin Report. Any assignment which does not
include a Turnitin Report will not be processed for grading. You are required to attached
the Turnitin report to the end of your assignment. For this you can use file merging
option.
2. Do note that submission of the Turnitin report as an assignment will not be accepted
and will not be graded. In case a student has submitted a Turnitin Report only, without the
assignment, that student will be awarded a ‘Fail’ grade.
3. It is strictly prohibited to use texts in the form of images in your work or use text
boxes to present information other than to label a table or a figure.
4. Check the submission date of your assignment and submission instructions carefully.
Late submissions will not be accepted.
5. Ensure that you give yourself enough time to complete the assignment by the due date
and you are responsible for managing your own time effectively.
6. If you are unable to hand in your assignment on time and have valid reasons, you may
apply (in writing) for extensions stating Extenuating Circumstance to AAO.
7. For all late submissions the final grade will be capped at a ‘Pass’.
8. Failure to achieve the Pass criteria will result in a Referral grade.
9. Non-submission of work without valid reasons will lead to an automatic Failure and
you will be asked to complete an alternative assignment.
10. If you use ideas or work of other people in your assignment, reference them properly
using Harvard Referencing system to avoid plagiarism. You have to provide both in-text
citation and a reference list.
11. If you are proven to be guilty of plagiarism or any academic misconduct, your grade
could be reduced to a Fail or at worst you could be administratively withdrawn from the
course after a formal investigation.
 Higher National Diploma in Computing

Unit 05: Security

Assessment Brief
Unit Number and Title Unit 05: Security
Academic Year 2023 – FA23
Unit Tutor
Assignment Title Secure 2030: Security sector training event
Issue Date 18/11/2023
Submission Date 30/01/2024
Submission Format

A formal 15- 20-minute pre-recorded presentation (20-25 slides as a guide, with

supporting speaker notes) to communicate an evaluation of your investigation to a non-
technical audience, highlighting key information regarding the range of IT security risks
that organisations face and the IT security solutions for them.

A handbook (8-10 pages) on security awareness that is to be downloaded by seminar

delegates providing information on risk management, standards, organisational security and
the alignment of organisational policy.

The recommended word limit for both assignment is 4,000–5,00 words, although you will
not be penalised for exceeding the total word limit. You are required to make use of
headings, paragraphs and subsections as appropriate, and all work must be supported with
research and referenced using the Harvard referencing system.

Unit Learning Outcomes

LO1 Assess risks to IT security

LO2 Describe IT security solutions
LO3 Review mechanisms to control organisational IT security
LO4 Manage organisational security

Transferable skills and competencies developed

Computing-related cognitive skills

▪ Demonstrate knowledge and understanding of essential facts, concepts, principles and
theories relating to computing and computer applications
▪ Recognise and analyse criteria and specifications appropriate to specific problems,
and plan strategies for their solutions
▪ Critical evaluation and testing: analyse the extent to which a computer-based system
meets the criteria defined for its current use and future development
 ▪ Methods and tools: deploy appropriate theory, practices and tools for the design,
implementation and evaluation of computer-based systems.

Computing-related practical skills

▪ The ability to evaluate systems in terms of quality attributes and possible trade-offs
presented within the given problem
▪ The ability to critically evaluate and analyse complex problems, including those with
incomplete information, and devise appropriate solutions, within the constraints of a
budget
▪ The ability to specify, design and construct reliable, secure and usable computer-
based systems
▪ The ability to recognise any risks and safety aspects that may be involved in the
deployment of computing systems within a given context.

Generic skills for employability

▪ Intellectual skills: critical thinking; making a case; numeracy and literacy

▪ Contextual awareness, e.g. the ability to understand and meet the needs of
individuals, business, and the community, and to understand how workplaces and
organisations are governed
▪ Interaction: reflection and communication

Vocational scenario

You have been asked in your role as a security professional to support ‘Secure 2030’, an
online seminar event aimed at local SMEs within the security sector. The 2-day event
includes a series of security sector updates, seminars and workshops from industry
professionals.

You are required to produce a set of materials to include a presentation with accompanying
notes, a security awareness booklet and a security policy activity to support one of these
workshops. The topic being: IT security: risks, policies and procedures – what you need to
know!

Assignment activity and guidance

The presentation that you create, should conform to the event guidelines of between 20-25

slides with a group activity and accompanying notes for the delegates. The content should
include:
▪ A brief discussion on types of security risks and an understanding of organisational
security procedures.
 ▪ An analysis of the benefits of implementing network monitoring systems with
supporting reasons.
▪ Specific references to the configuration of firewall policies and third-party VPNs in
terms of the impact to IT security if these were configured incorrectly.
▪ How network security can be improved by implementing a DMZ, static IP and NAT
with examples.
▪ An overview of how IT security risks can be assessed/treated.

▪ Provide an evaluation of at least three physical and virtual security measures that
could ensure the integrity of organisational security. You will need supporting slide
notes to support the evaluative element.

Each delegate that attends the online seminars are given a downloadable copy of a ‘security
awareness handbook’. This provides information on risk management, standards,
organisational security and the alignment of organisational policy. Create a handbook in line
with the event guidelines of between 8-10 pages that address the following key headline
topics:
▪ Risk assessment – what are the procedures and provide an overview of ISO standards
on risk management methodology and its application in IT security?
▪ Data protection – what are the processes and regulations as applicable to an
organisation?
▪ IT security and Organisational Policy – how can organisational security be impacted
through an IT security audit? How can organisational policy and IT security policy be
aligned? Discuss what could happen if there was a misalignment. Within this section
also provide an Evaluate the suitability of the tools used in an organisational policy.
▪ Organisation security and stakeholder involvement– what are the main components
of an organisational disaster recovery plan, justify why? When implementing security
audit recommendations discuss what roles stakeholders have within the organisation.

The final component of the seminar is to provide delegates with a task that they can then
complete in their own security work environments. The event guidelines state that the task
can be chosen by the presenter, based on the workshop theme. An example solution to the
task should be produced as guidance.

The task that you have selected is to design and implement a security policy for an
organisation. Using an appropriate template, design a security policy and state how this can
be implemented/implement within an organisation.

Please review the subsequent grading criteria for more details on the expected elements and
topics that need to be included.
Learning Outcomes and Assessment Criteria

Pass Merit Distinction

LO1 Assess risks to IT security

P1 Discuss types of security risks to M1 Analyse the benefits of

organisations. implementing network
monitoring systems with LO1 & LO2
P2 Assess organisational security
supporting reasons.
procedures.
LO2 Describe IT security solutions D1 Evaluate a range of
physical and virtual
P3 Discuss the potential impact to IT security measures that
security of incorrect configuration of can be employed to
firewall policies and thirdparty VPNs. ensure the integrity of
M2 Propose a method to organisational IT
P4 Discuss using an example for each, assess and treat IT security security.
how implementing a DMZ, static IP risks.
and NAT in a network can improve
Network Security.

LO3 Review mechanisms to control organisational IT security

M3 Summarise an
appropriate risk management D2 Recommend how
P5 Review risk assessment procedures approach or ISO standard IT security can be
in an organisation. and its application in IT aligned with an
security. organisational policy,
P6 Explain data protection processes
detailing the security
and regulations as applicable to an M4 Analyse possible
impact of any
organisation. impacts to organisational
misalignment.
security resulting from an IT
security audit.
LO4 Manage organisational security

P7 Design a suitable security policy

for an organisation, including the D3 Evaluate the
main components of an organisational M5 Justify the security plan suitability of the tools
disaster recovery plan. developed giving reasons for used in the
P8 Discuss the roles of stakeholders in the elements selected. organisational policy
to meet business needs.
the organisation in implementing
security audits.
Higher Nationals - Summative Assignment Feedback Form
Student Name/ID
Unit Title
Assess
Assignment No
or
Date Received 1st
Submission Date
submission
Re-submission Date Received 2nd
Date submission

Assessor Feedback:

Grade: Assessor Signature: Date:

Resubmission Feedback:

Grade: Assessor Signature: Date:

Internal Verifier’s Comments:

Signature & Date:

* Please note that grade decisions are provisional. They are only confirmed once internal
and external moderation has taken place and grades decisions have been agreed at the
assessment boar
 Grading Rubric

Achieved/Not
Grading criteria Comment
Achieved

P1 Discuss types of security risks to organisations.

P2 Assess organisational security procedures.

M1 Analyse the benefits of implementing network monitoring

systems with supporting reasons.

P3 Discuss the potential impact to IT security of incorrect

configuration of firewall policies and thirdparty VPNs.

P4 Discuss using an example for each, how implementing a

DMZ, static IP and NAT in a network can improve Network
Security

M2 Propose a method to assess and treat IT security risks.

D1 Evaluate a range of physical and virtual security measures

that can be employed to ensure the integrity of organisational IT
security.

P5 Review risk assessment procedures in an organisation.

P6 Explain data protection processes and regulations as

applicable to an organisation.
M3 Summarise an appropriate risk management approach or ISO
standard and its application in IT security.

M4 Analyse possible impacts to organisational security resulting

from an IT security audit.

D2 Recommend how IT security can be aligned with an

organisational policy, detailing the security impact of any
misalignment.

P7 Design a suitable security policy for an organisation,

including the main components of an organisational disaster
recovery plan.

P8 Discuss the roles of stakeholders in the organisation in

implementing security audits.

M5 Justify the security plan developed giving reasons for the

elements selected.

D3 Evaluate the suitability of the tools used in the organisational

policy to meet business needs.
Pearson HND in Computing: Data Analytics – Assignment © ANC 2022
Page 1 of 11