CASE STUDY F

Norman & Spencer

Norman & Spencer is a leading insurance provider which operates across Australia. The company has recently received a document from the industry regulator for the insurance industry, stating a series of changes that are going to take place in the next year.

Dear Sir or Madam at Norman & Spencer,

As you may know, new legislation is being introduced by the Australian government which will impose changes to the way insurance providers collect and store their customers' data and personal information. This legislation is being introduced to improve information security at providers across Australia.

As a result of the new legislation, we, as the industry regulator, will introduce new guidelines for all insurance providers operating in Australia. These guidelines, if complied with, will help companies to adhere to new legislation.

As part of the new guidelines, we will be asking companies to:

Take steps to limit the personnel who can access customers' personal information within the company

Only collect a limited amount of personal information from customers

Make sure personal information is not stored physically in paper formats

Make sure they install one antivirus software from a list of approved software

Take steps to secure all personal data with secure login and password fields

Make sure passwords have uppercase letters, numbers, and include more than eight letters.

Kind regards

Paul Mcmahon

1. Read Case Study F. Using your reading skills, analyse the new guidelines provided and highlight the three that you believe are most important. Explain why you believe your chosen three are so important to information security.

2. Read Case Study F. Using your writing skills, create two extra guidelines which would likely to improve information security at Norman & Spencer. Explain why your guidelines would contribute to information security at the business. Make sure you use clear and accessible language in drafting your guidelines.

3. Read Case Study F. Using your oral communication skills, conduct a five-minute presentation explaining why you chose the guidelines that you did in question two. Make sure you use both verbal and non-verbal skills to confidently convey your ideas. When everyone has given their presentation, the group should vote on three guidelines to implement. Voting should be based on the persuasiveness of the pitch and the content of the idea.

4. Read Case Study F. Show that you can navigate the world of work by using the content of the letter to make an organisational document aimed at Norman & Spencer staff. The organisational document should outline all new rules and standards, explaining why it is important that these are implemented at the organisation. The document should contain at least five rules and standards and use clear and straightforward language throughout.

5. Read Case Study F. Show that you can get the work done by writing a one-page report for Norman & Spencer manager Ruth Bayliss, highlighting the key information security concerns/issues in the current online environment. This will require you to conduct in-depth research to acquire relevant information, before you decide how to summarise the main issues. The report should be no longer than a page long, so you will have to make decisions on how to summarise and condense the main security issues faced by organisations today.