Home  

Faculty Resources

Teach

Create

Scenarios

C-Bay Site

C-Bay Instructor's Manual

EdSoft Site

QuickSoft Site

Updated: 29 January, 2007

Task 1 At-A-Glance

Task Overview

Policy Critique

Students receive an e-mail from the IT Director (their boss) explaining that the current security policy at C-Bay needs to be overhauled to meet the company's business needs. The boss also sends the company's executive summary and network configuration, as well as notes from a company meeting which unpacked security issues. Students must prepare a presentation critiquing the current policy, identifying the top priorities for security implementation, and noting areas where business and legal interests may object to heightened security measures.

Task Purpose

• Identifying security needs in a particular business context
• Prioritizing security needs
• Communicating in a professional way
• Teaming effectively
• Understanding one's audience(s)

Mentor Prep Work

1. Read the Task 1 course materials in your Course Home site.
2. Review annotated version of the policy the students receive (t1_annotated_sp.doc) and the prioritized list of problems with C-Bay security (tl_prob_pri.doc)
3. Decide which areas of the task should be covered in class discussions
4. Review t1_rubric.xls, the scoring rubric to understand the assessment.
5. After the task is completed, send the students t1_rubric.xls, the 360-degree evaluation form and ask them to evaluate their own work and their teammates' work.

Task Resources

For the students:

An e-mail from the IT Director explaining the task

Attached documents to assist in the task: a work plan for the development of the policy, C-Bay's executive summary, a graphic showing the network topology, network specs, notes from a meeting about security-related issues, and the current draft of the policy

A plan of attack for the task

Tips & traps for guiding the learners through the task

Resources & references for background information and models

A checklist of questions the students should review before their presentations

Reflection questions for review after completing the task and T1_Security Policy_End, a revised draft of the policy apparently completed after the student presentation.

For the Mentor:

An annotated version of the current draft of the security policy indicating problem areas that need revision (t1_annotated_sp.doc).

An annotated version of the meeting notes prioritizing C-Bay's problems as a guide for which the students need to cover in their presentations.

A scoring rubric for the task.

A 360-degree evaluation form to send to students after they've completed the task, to allow them to evaluate their own work and their teammates' work.

Learner Deliverables for Task

A presentation critiquing the current policy, suggesting highest priority areas of implementation and push-back possibilities from legal and business teams

Task 1: Recommended Classroom Activities

Introduce course and task

For this first session, you should introduce the pedagogy for the course (Scenario-Based curriculum) and the interface for the online component. Students should also be divided into groups of three or four, and time permitting, some team-building activities can be practiced. You should also discuss the work plan for the entire course (though it doesn’t include the “surprise” of task 4, which ultimately delays the team’s efforts in completing the policy). (Note: you may choose to include or advise real-time dates in the work plan, so that deadlines are clearer for the students.) Also, review the section on how to submit tasks, and walk through the course manager where shared files will be housed.

Students may also benefit from an introduction to office life. Students who have worked in IT departments may share their experiences. If possible, an IT professional could be invited to give a presentation at this point in the course or at any time during the semester. Wherever possible, parallels should be drawn between the course and the real world of office life.

In addition, you should introduce the concept of project management (with the work plan available online as a model). For each task, the students should select a project manager who will keep them on track for timely completion: the project manager should also arrange communication among the group (or assign that task to a teammate) and s/he will also be the student responsible for submitting any deliverables for the task. If students need help with the selection, you should assign the PM for this first task and ensure that each team member plays that role at some point during the course.

Respond to student questions and give guidance as students work through task

You can facilitate a discussion of the scenario materials by asking general questions about security issues at C-Bay. What are the major security problems at the company? What are its key assets that the policy needs to protect? What are its pressing business needs? How can these be translated into policy requirements? How do its expansion proposals create new security risks? If students can identify the issues correctly, you may want to open up the floor to discussing possible solutions. When doing so, you should keep the students mindful of competing interests in business practice (i.e., security vs. legal vs. sales and customer service). Alternately, you may choose to review another security policy with the classroom (several are listed in the Resources & References section of the support materials online). Again, Socratic questioning should be the mode of presentation here: What issues does this policy seem to focus on? How are the problems addressed? How does the nature of the business/organization seem to effect the decisions made? How is the policy organized and formatted?

The students have been advised to develop work plans for their own work in this task. Depending on the students’ skill levels and experience with group-work or on your agenda for introducing business skills into the class, you may choose to check in on the students’ work plans (e.g., they could be required submissions at the end of week 1 to give the “IT Director” a status report on the task).

While the students are working on their critiques, you may also choose to check in at regular intervals. We advise staying in the role of the IT Director when you do so. Ask the students about the status of their assignment and encourage them through Socratic questioning to keep in mind the key problem areas of the tasks (e.g., assessing priorities, considering areas of potential push-back, etc.)

Coordinate student presentations

The presentations will be arranged so that each group gives its presentation at least once (twice if they do not complete the presentation at a satisfactory degree of mastery) and serves as audience to at least one presentation. You will attend all presentations. The IT Director’s message online suggests that the presentations be delivered remotely: visit the collaboration tools section of the site for information on how remote presentations should be conducted. Otherwise, you can choose to alter the scenario with a last-minute change of plans on the part of your character: you and your colleagues will be in town after all, so the presentations can occur in person.

Ideally, all students in each group will take some role in the presentation. Remind the students of this, and of their role as audience members: they should provide push-back from the perspective of an IT professional.

At this point, you should define the times for the presentations and the conference call logistics.

Facilitate student presentations and give feedback

The students give their presentations via tele-conference using Power Point, or in person. An hour is slotted for each presentation.

During the presentation, the listening group(s) as well as you will have the opportunity to interrupt with push-back and questions. In effect, they are playing the roles of the IT management team, commenting on the recommendations of the presenters. You should in particular focus on the potential business and legal push-back (though the presenting group should include such attention in their presentation). Thus, the feedback stays within the scenario. After the “meeting” has been held, you may call the students out of the scenario to discuss the presentation at a meta-level: that is, you and the listening group should comment on the presenters as presenters, providing feedback on the design and performance of the presentation (rather than the content).

You can provide additional feedback to the learners in written form. A scoring rubric is also provided (T1_Rubric.xls), based on the skills and practices highlighted in the support materials online.

Reflection questions are provided online for this portion of the class. You may want to contribute to the students’ discussion using Socratic questioning: rather than giving advice, try to draw out possible solutions with pointed questions. (Note: you will need to send students the finalized security policy in preparation for the reflection session: T1_Security Policy_End.doc.)

Distribute the 360-degree evaluation forms for Task 1 to students and ask them to complete them and send them to you via email.