Introduction and nature of the Commonwealth Government of Australia with My Health Record System Plan a Security Policy • Identify and explain the role of planning for security policy. • Identify and discuss the best strategic planning for security policy. • Explain the resources planning required for security policy. • Anything else you think is reasonable to place into a Plan for Security Policy based on what you have learnt. Develop a Security Policy • Define the intent and rationale of the policy. • Any definitions which are used through out the document. • Responsibilities of individuals i.e. those who enforce the guideline. • Scope of the policy i.e. who and what it effects. • Anything else you think is reasonable to place into a Develop for Security Policy based on what you have learnt. Manage a Security Policy • Describe how to monitor policy. • Explain how to control policy. • Identify and explain the major outcome of policy. • Explain how do you update policy time to time. • Anything else you think is reasonable to place into a Manage for Security Policy based on what you have learnt. Conclusion. Part Two – Conducting A Risk Assessment Total: 10 Marks Not more than 5 Pages Student can select an organisation from the list of organisation given by the lecturer. Risk Register • A brief introduction of the organisation and the IT systems. • Identify and explain any major risk in the IT systems components. • Discuss the consequences of the risk. • Inherent risk assessment, that is the assessed, raw/ untreated risk inherent in a process or activity without doing anything to reduce the likelihood or consequence. • Mitigate the risk. • Residual risk assessment, that is the assessed, risk in a process or activity in terms of likelihood and consequence after controls are applied to mitigate the risk. • Create a Risk Register based on the risks identified in the IT systems and prioritise of the risk using a standardised framework such as the ANSI B11.0.TR3 Risk Assessment Matrix. • Rationale for conducting Risk Assessment. • Conclusion. Please consider the below for Part 1 and 2: • Provide evidences wherever possible with APA references and citations • Check plagiarism before you submit the final version of the assignment, it is very important. • Grammar and spell check are important. • Only Word format (.doc, or .docx) must be submitted as a single document with Font Style: Times New Roman/Arial, Size: 12 and Spacing: 1.5. • All diagrams that are required should be inserted into the document in the appropriate position. • Go through the rubrics for more details and ask any to your lecturer if you have any doubts. • IT Security Advisor is responsible for the formulation of such policies and also is responsible for enforcing this guideline. This is your role in this assessment for atleast 3 users. • IT Systems Auditor is responsible to conduct and provide a risk register must come up for the IT systems in the organisation. • The first page (cover page) of the document file should have the following information clearly mentioned: a. Your Full Name b. Your Student ID c. Subject Code d. Assessment Item Number and Name e. Lecturer Name • Each page should have page number in “page x of y” format.