complete and submit a security plan based on the following scenario:
a) You are the recently appointed head of a security team responsible for protecting the information holdings of a business organisation of some 60 staff. The organisation is housed in a detached, multi-storeyed building located in the central business district of an Australian city.
b) The security team is responsible for overseeing the security of information from deliberate and accidental threats. A recent audit of the information security management system found it to be deficient in some key areas, notably incident response, disaster recovery and business continuity, social engineering exploitation of personnel, an apparent lack of personnel awareness of the various threats to information, and poor password security. These issues were identified as needing urgent remedy.
c) Technical systems were found to be reasonably effective in maintaining database and document management security, and were well serviced by the IT team.

ASSIGNMENT –> Management has directed you to undertake some security analysis and planning to improve the organisation’s security of information. You are tasked to:
a) Identify and describe the organisation’s physical, human, and electronic information holdings that may be at risk.
b) Identify and describe the actual and potential physical, human, and electronic threats to the organisation’s information holdings.
c) Design a security plan that describes counter-measures that will manage the threats that put the organisation’s information holdings at risk and disaster recovery processes.
d) Develop a comprehensive information security education and awareness programme for use by management, staff members and contractors).