This assessment must be submitted via Blackboard Scenario BBS (Botswana Free Shelter) is a recognized charitable organization set up to deliver help, support and advice to any person in Botswana. BBS was set up to help people cope with personal, legal and financial problems by providing free advice and information. In some cases visitors will be referred to other professionals for help (doctors, social workers etc. ) BBS delivers advice from over 3,000 community locations. Each office is independently run and managed.
There is a head office which sets the standard for quality of advice and provides some training and support to the community locations. None of the community locations are physically connected. Advice and information offered by BBS is free, independent, confidential and impartial. Each office has around 15-20 staff members. There are typically 3 or 4 employed (paid) staff at each location (Managing Director, Secretary, IT Officer and Legal Advisor/Finance Officer), with the remaining workforce being made up of unpaid volunteers who work 2 or 3 days per week.
In some locations, the IT Officer is also an unpaid volunteer. Volunteers are often made up of students who work part time. The Managing Director, Secretary and Legal Advisor are all typically full time staff but the IT Officer will often work just 2 or 3 days per week. All staff (including volunteers) undertake training when they start work with BBS, but this is limited to basic rules such as not taking data home at the end of the working day and how to deal with upset residents. There is no specific IT training.
The IT Officer is required to undertake an CICS Learning Course online when they start working for BBS. Once a year all the Managing Directors from community locations meet to discuss the forthcoming year and how to implement any legal changes required. Currently, volunteers have access to a proprietary database system for writing notes about people who ask for advice. These notes are accessible to any member of staff within the organization, using a Windows shared login. There is no separate login for the database. The notes may include names, addresses and other personal information.
There is nothing to Stop staff bringing a laptop to work and plugging into the network using an Ethernet cable to access the notes. The database is stored on a single server in the back of the office, with no backups. Although BBS have a Data Protection statement they do not have any other policies which relate to compliance and security. There is no Wi-If available in any of the offices. CATV is used in all rooms to protect the safety of staff. Although BBS has a main website the community locations do not have their own web presence. Key Business Hours:
Community Location core operational hours: Monday -? Friday, am -? pm The community locations are currently run as drop-in only during the core hours and it is not possible for visitors to make an appointment, although this could change in future. Part 1 -? Compliance and Security (30%) Identify the security and legal requirements for data stored and used by the community locations. Specify the policies required and give a brief description of each. Select one of the identified policies and write a detailed policy document for BBS. Part 2 – Service Level Agreement (35%)
You are required to write an internal Service Level Agreement to be used between the central IT department and outer offices to cover the desktop services. The SLAM should aim to determine a standard minimum level of service delivery across all sites. The SLAM should include all aspects of delivery, and should include (in no particular order): Service Desk Operation Sec ritzy Disaster Recovery Change Management Software Installation/updates Hardware installation/updates Change requests Operational hours Staff responsible elites Users Reporting structure
Any other aspects which you feel are relevant -? note that in order to gain a high mark you will need to cover more than the above list in detail part 3 – Risk Management poster (35%) Design an AY poster (in landscape orientation) detailing a risk management process relating to information security that should be implemented for the community locations. Use process flow diagrams where appropriate Design a risk matrix to be used in the process(sees) Note that there is a MAXIMUM file size of numb – you will be penalized if it is larger than this.
Marking Guidance part Criteria Part 1 Compliance and Security 30% [A] + Excellent work to an extremely high professional standard which covers every conceivable security and legal requirement. Policies are extremely well described and match the requirements perfectly. The written policy is of a professional standard and could be implemented in industry. May exceed expectations at this level. [B] 60-69%Very good work to a professional standard which covers a wide range of security and legal requirements. Policies are very well described and match the requirements.
The written policy is of a professional level ND could be implemented in industry with some minor adjustments. [C] 50-59%Good work to a reasonable professional standard which covers a number of security and legal requirements. Policies are reasonably well described but could do with more detail. The written policy is of a good standard and could be implemented in industry with more work. [D] 40-49% An attempt has been made to identify the security and legal requirements but some have been missed. POI ices are identified but are not always appropriate or lack detail.
The written policy is somewhat vague and needs quite a lot more work. F] A poor attempt which does not meet the module learning outcomes. It may have missing information or has missed the point. Part 2 Service Level Agreement 35% [A] 70% + Excellent SLAM to an extremely high professional standard. Includes excellent metrics and targets. It could be implemented in industry. May exceed expectations at this level. [B] 60-69%Very good SLAM to a professional standard. Includes good metrics and targets. Could be implemented in industry with some minor [C] 50-59%Good Slats a reasonable professional standard.