Gelos Enterprises Pty Ltd has requested assistance to implement and maintain improved cyber security policy/procedures. Using the findings from the review completed in Part 1 above, produce an improved Cyber Security internal control procedures for Gelos.

Task 1 Policies and procedures

For this task, you must demonstrate an understanding of corporate governance principles, the application of these principles by producing a cyber security policy and procedure.

You are required to review the scenario and then produce an internal control procedure for cyber security by applying corporate governance requirements and following industry-standard practices. You should use the template provided to develop the procedure (see assessment event overview on page 3):

• FNSACC526_AE_Sk2of4_App_Policy and procedure template

The review of existing procedure, development of new procedure (or updated procedure) must be presented within 2 weeks of the initial review)

You must use the same format and layout as the current policy/procedure to make all required changes/updates to policy documents.

This task will be conducted in a simulated environment that replicates the workplace and must include the following equipment/resources:

• Corporate governance documentation required for role
• Organisational operational policies and procedures required for role.

While you are performing the task, you must demonstrate each of the following activities:

1.1.Produce required reports.

1.2.Detail and document internal control procedures that apply corporate governance requirements to internal operations.

1.3.Develop the applications of corporate governance requirements from authoritative sources according to industry standard practices.

Consider the following for inclusion into the policy and procedure:

• user access
• protection
• backups
• training
• cloud services
• work from home

[Insert Name Policy and Procedure]

1. About this policy and procedure
   1. Document purpose

[The policy and procedure purpose will tell you what the policy is about, what it aims to achieve and, why it is used in the workplace or organisation. It may also reference any legislation or external authorities/regulations that underpin the policy and procedure.]

1. Scope

[The scope provides a summary of the policy and procedure and who the policy and procedure applies to. This may include staff, customers, contractors and suppliers. It will tell you if there are any exemptions to the policy. It may also explain any consequences of not complying with the policy and procedure.]

1. Policy

[Describe all aspects of the policy and procedure.]

1. Procedure

[Describe all aspects of the policy and procedure.]

1. [Name of procedure]

[The policy purpose will tell you what the policy is about, what it aims to achieve and, why it is used in the workplace/organisation. It may also reference any legislation or external authorities/regulations that underpin the policy.]

1. Procedures

[Add information to step out the process to be followed in a logical sequence.]

Tip: Add or delete Policy and Procedure sections according to the number of procedures required.

1. Document information and review
   1. Responsibilities

The following table provides a list of the positions or departments that are responsible for this policy and procedure and the scope of their responsibility.

Table 1 Responsibilities

Position	Responsibility
CEO	Approver for this policy and procedure.
[Click/tap to list the positions or departments that are responsible for the procedure]	[Click/tap to describe the scope of their responsibility]

1. Definitions

The following definitions clarify the terms and words that are specific to this policy and procedure.

Table 2 Definitions

Term	Definition
Scope	The extent of the area that something applies to.
[Click/tap to add a term or word specific to this document that requires explanation]	[Click/tap to add definition of term or word in the context of this document]

1. Related documents

This policy and procedure should be read in conjunction with the following documents:

• [Insert document name here (hyperlink, if possible)]
• [Insert document name here (hyperlink, if possible)]
  1. Document review

This policy and procedure will be reviewed every 12 months.

Review date: [Click/tap to enter a date]

1. Document authority

This [Insert Name Policy and Procedure] has been authorised by Catherine Dunn the CEO of Gelos Enterprises and is available to all staff. It has been developed in line with all relevant legislation, in consultation with committee representatives and will be revised on a regular basis.

Approval date: [Click/tap to enter a date]