Imagine that you have just been appointed as a Computer security consultant for a firm of independent computer security systems advisers, with an international base.
You have been tasked with compiling a report that investigates the current computer security threats for private qualification awarding bodies (i.e OCR, C&Gs, Pearson etc) working within the global economy and developing a generic top-level security policy document which could be used and developed upon by any qualification enterprise as the basis of their main reference source for computer security manager’s and staff alike for such organisations.
The policy document must identify the major threats and vulnerabilities and these should indicate how they may need to be prioritised by the organisation to best meet their requirements to support business risks identified by them. The document must be logically structured to ensure quick and easy retrieval of specific information and guidance. You must also encourage internal standards for ‘good practice’ with these being clearly related to relevant external [United Kingdom, European and International] standards. (Please note that a student may identify their country of origin and then formulate their international standards within their development against that country).