Information Governance and Cyber Security.
This assignment will assess the following learning outcomes:
- Critically evaluate the key information governance principles, practices and security frameworks to demonstrate your understanding in the design, development, implementation and monitoring of information security management system of an organization.
- Ability to critically evaluate the risk assessment methodology to determine appropriate control objectives for a given organizational scenario.
- Demonstrate ability to work as a member of a team and make contributions to team success and effectiveness.
- Critically appraise social, ethical and legal responsibilities of an Information security auditor to comply with.
Assessment brief.
Wallington Trust Hospital (WTH) provides secondary health services to the suburb of London borough of Sutton. The hospital management acknowledge the significance of reliable information security need for their clinical management system to maintain integrity and provide confidentiality and privacy to patients’ digital information which is coupled with electronic medical records. Information Governance play a vital role in Healthcare, it establishes policies, procedures and accountability, which is imperative for an effective management lifecycle of patient data and maximise data privacy and confidentiality. The aim of Information governance is to provide data confidentiality and protection assurance to WTH management, individual patients and help staff to understand the importance of data handling procedures to adhere with clinical information assurance, corporate information assurance, information security assurance and perform their duties ethically to provide best possible care as well as respecting data subjects rights while processing their personal data.
Assessment Criteria/Marking Scheme:
The work will be marked out of 100 in line with the University’s marking grades and according to the following assessment criteria:
| Description | Marks |
| Part A: Individual Task | |
|
Task 1: Information Governance Need & Cyber Security Threats – 25% (suggested word limit for this section is 900 words) |
|
| Critically appraise understanding of latest cyber security threats to information assets and demonstrate requirements of Information Governance need in the context of given scenario. The role of Information Security auditors to comply with social, ethical and legal requirements to assess the effectiveness of Information Security Management System. Presentation should include appropriate language, referencing, clarity of expression style, format and length.
|
25 |
| Task2:Framework – 20% (suggested word limit for this section is 700 words) |
|
| Justification of the approach taken and rationale for the scope and content of the Information Security Management Systems (ISMS) based on a critical evaluation and understanding of the organization, and reference to principles and best practice. This could include critical evaluation of Information governance frameworks and rationale of the choice considered for a given context.Presentation should include appropriate language, referencing, clarity of expression style, format and length.
|
20 |
| Task 3: Risk Assessment – 25%
(suggested word limit for this section is 900 words) |
|
| Justification of the importance of information governance to the organization based on a critical evaluation of the organizational context. This should include risk assessment methodologies either qualitative or quantitative. Identify information assets, identify threats, vulnerabilities and risks associated with assets. Presentation should include appropriate language, referencing, clarity of expression style, format and length.
|
25
|
