Unit 3 Outcome 3 IP&M - 2003

Evaluate the effectiveness of the strategies used by an organisation to manage the storage, communication and disposal of data and information.

This outcome will contribute 30 marks out of the 100 marks allocated to School-assessed Coursework for Unit 3. It will be assessed by one task.

Task

Description

·          A written report

or

·          A test

Designing the assessment task

Teachers should design an assessment task that allows the student to:

·          identify the existing procedures and equipment (strategies) used by an organisation to manage the storage, communication and disposal of information, explain the strengths and weaknesses of each strategy and recommend improvements

·          evaluate the extent to which the procedures used by an organisation meet its legal obligations

·          have the opportunity to demonstrate the highest level of performance.

Resources and scheduling

Schools may determine the conditions for the task including access to resources and notes. Students should be advised of the timeline and conditions under which the task is to be conducted.

Performance descriptors

The following descriptors provide a guide to the standards expected when setting and marking assessment tasks. They describe the knowledge and skills typically demonstrated by students who have achieved scores within each range on the assessment task/s.

Outcome 3

Evaluate the effectiveness of the strategies used by an organisation to manage the storage, communication and disposal of data and information.

MARK RANGE

DESCRIPTOR: typical performance in each range

24–30 marks

 

All facts are accurately interpreted to determine the goals and objectives of the existing information system. All existing procedures and equipment are correctly identified.

A complete and relevant set of criteria is used to evaluate the effectiveness of all of the existing strategies. The strengths and weaknesses of each strategy are accurately described, and, where appropriate, use correct technical terminology.

All relevant legal obligations and/or ethical dilemmas are considered when determining the extent to which existing procedures allow these obligations to be met. This evaluation is based on valid criteria.

All threats to the security of information are fully described and are logically connected to the stated consequences, if the security measures are violated or ignored.

All recommended strategies are defensible and sound. Explicit connections exist between the strategies, the causes of security breaches and the goals and objectives of the information system.

A complete and accurate description is provided of the types, roles and functions of the recommended equipment and procedures.

16–23 marks

 

Most facts are accurately interpreted to determine the goals and objectives of the existing information system. Most existing procedures and equipment are correctly identified.

Relevant criteria are used to evaluate the effectiveness of most of the existing strategies. The strengths and weaknesses of most strategies are described; however, some inaccuracies exist. Where appropriate, technical terminology has been used.

Most relevant legal obligations and/or ethical dilemmas are considered when determining the extent to which existing procedures allow these obligations to be met. This evaluation is mostly based on valid criteria.

Most of the threats to the security of information are explained and logical connections exist to most of the stated consequences, if the security measures are violated or ignored.

Most recommended strategies are relevant and adequately described. Logical connections exist between most of the proposed strategies, the causes of the breaches, the effectiveness of the existing strategies and the goals and objectives of the information system.

An adequate and mainly accurate description is provided of the types, roles and functions of the recommended equipment and procedures.

 

8–15 marks

Some facts are inaccurately interpreted as revealed in the description of the goals and objectives of the existing information system. Some existing procedures and equipment are correctly identified.

Some inappropriate criteria are used to evaluate the effectiveness of some of the existing strategies. The strengths and weaknesses of some strategies are described; however, misunderstandings of theory or organisation needs are revealed.

Some relevant legal obligations and/or ethical dilemmas are considered when determining the extent to which existing procedures allow these obligations to be met. This evaluation is based on some inappropriate criteria.

Some threats to the security of the organisation’s information are explained, and the connections between these threats and possible consequences for the organisation if security breaches occur are not always coherent.

Some recommendations to improve the strategies are logically linked to the causes of the breaches and the goals and objectives of the information system. Some recommendations are supported; however, the appropriate matching of strategies to the organisation’s needs are limited.

Descriptions of the types, roles and functions of the recommended equipment and procedures are incomplete or superficial.

1–7 marks

The description of the goals and objectives of the existing information system is incomplete and/or reveals misunderstanding of facts. Few existing procedures and equipment are correctly identified.

Little or no criteria have been used to evaluate the effectiveness of the identified existing strategies. The strengths and weaknesses of few strategies are superficially described, and misunderstandings of theory and organisation needs are revealed.

Incorrect or irrelevant legal obligations and/or ethical dilemmas are considered when determining the extent to which existing procedures allow these obligations to be met. This evaluation is based on no stated criteria.

Limited threats to the security of the organisation’s information are provided. Few connections between these threats and possible consequences if security breaches occur are provided.

Limited recommendations to improve the strategies are relevant; however, others are not appropriately matched to the needs of the organisation.

Descriptions of the types, roles and functions of some recommended equipment and procedures are incomplete and superficial.