- The report is to be based on the following case study scenario about Malware such as viruses and other vulnerabilities to organisations’ information systems.
A malware program, such as a computer virus, is a program that when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of computers’ hard drives. When this replication succeeds, the affected areas are described as being ‘infected’. Computer viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, or logging their keystrokes.
Malware and other software vulnerabilities cause billions of dollars’ worth of economic damage to organisations each year, due to causing systems failure, denial of service, wasting computer resources, corrupting data, increasing maintenance costs, etc. Unfortunately, no currently existing antivirus software is able to catch all computer viruses (especially new ones).
You are the ICT manager of a large organisation (1000 employees) based in Sydney. Your supervisor has asked you to research the best way to protect your organisation’s information systems from being compromised through infection with Malware or suffering from other software vulnerabilities. You are to write a report to be presented at the next executive meeting. The report should explore:
1. The types of Malware and other software vulnerabilities that could affect your organisation’s information systems.
2. The potential cost to the organisation if the information systems were to become infected by Malware or suffering from being compromised by other software vulnerabilities. Describe both tangible and intangible costs to your organisation.
3. The measures that your organisation could take to reduce the risks from Malware and other software vulnerabilities.
Your report should include recommendations that provide guidelines for the organisation with respect to reducing the risks of being adversely affected by Malware and/or other software vulnerabilities.
Please note that you will need to make some assumptions about your organisation in order to write this report. These assumptions should be incorporated in the introduction to your report when you describe the organisation and outline the problem to be solved.
Specifically your report should include the following:
1. Title page: student name, student number, email address, course code, assignment number, assignment due date, campus lecturer/tutor, and course coordinator (not counted in the word count).
2. Executive summary: should include the purpose of the report, the problem and how it was investigated, your findings and your recommendations (approximately 300 words).
3. Table of Contents: should list the report topics using decimal notation. Needs to include the main headings and subheadings with corresponding page numbers, using a format that makes the hierarchy of topics clear (not counted in the word count).
4. Introduction: provide a brief description of the organisation, a concise overview of the problem you have been asked to research, the objectives to be achieved by writing the report and how you investigated the problem. Provide an outline of the sections of the report. Note that you will have to make assumptions about what type of organisation you are working for in this case study (approximately 400 words).
5. Body of the report (use appropriate headings in the body of the report.): Define key terms you will use in your report, such as what is meant by ‘Malware’. Present your ideas on the topic and discuss the information you found in your research that was relevant to the report’s objectives. Provide an analysis of the information that you gathered. Ensure that you explore the three points listed in the scenario above. You also need to discuss the ethical, social and legal aspects surrounding this issue. In your discussion, examine the issues from a global perspective as well as from the local perspective (of the fictional organisation that is the centre of this report).
Please do NOT use ‘Body of the Report’ as a heading. Create meaningful headings that reflect the content of your report (approximately 1200 words).
6. Conclusion: based on your research and analysis. Explain the significance of your findings and your discussion. State if your report has achieved its objectives (approximately 550 words).
7. Recommendations: (based on your findings) what would your recommendations be to your supervisor in this situation? Provide some guidelines for the organisation with respect to protecting your organisation’s information systems from of being adversely affected by Malware and/or other software vulnerabilities (approximately 550 words).
8. Reference list (not counted in the word count).
9. Appendices if necessary (not counted in the word count).
