Cybersecurity and Information Management Level 7 Assessment Brief 2025-26

Submission deadline date and time

This assessment comprises of two tasks as described below:

1.TASK 1: You are expected to submit one 7-minute podcast and associated artefacts at the final submission point on Blackboard.

The podcast submission deadline is by no later than 18:59 on Friday, the 24th of October 2025. Any submission received after 18:59 of the date (even if only by a few seconds will be considered as late).

2.TASK 2: You are expected to attempt 80 multiple-choice questions (MCQs) spread over 4 weeks (20 questions per week)

During the second hour of your respective timetabled seminar sessions in week 3, 4, 5, and 6, the MCQ segment of the Blackboard site will open and you would be expected to attempt 20 multiple-choice questions, per week, directly associated with the lecture theme from the prior week. The test will be open book styled. 

Students with a Reasonable Adjustment Plan (RAP) or Carer Support Plan should check their plan to see if an extension to this submission date has been agreed.

How to submit

After developing your podcast audio and the associated artefacts (case study document and subtitle file), you would be expected to submit three separate files on Blackboard.

Please ensure to submit by uploading:

1. One Podcast Case Study showing evidence of scholarly research (in .docx file format). Ensure to save the case study Microsoft Word document (.docx) with your student ID and then upload to Turnitin on Blackboard.
2. The Cliphamp Link to One Audio file (rendered in .mp3 or .mp4 file format)
3. One Closed Caption (SubRip Subtitle) file (in .srt file format)

Note: Ensure your podcast audio is NOT LESS than 5 minutes and does NOT EXCEED 7 minutes. Anything beyond the recommended timescale will not be considered in the marking and scores allocation.

You should submit the three items (two files, and one Clipchamp link) to three different allocated areas on Blackboard by the date set on the schedule (i.e., 18:59 on Friday, the 24th of October 2025). You will be shown where to submit at the appropriate time.

As the University will mark assessments anonymously where this is possible, please use your student roll number and not your name on your submission. 

Assessment task details and instructions

The assessment is a digital portfolio, which includes two distinct tasks:

• A podcast comprising three artefacts (submitted as 2 files and 1 audio link) 
• 80 multiple-choice questions

Detailed instructions on the tasks are below: 

TASK 1: PODCAST AND ASSOCIATED ARTEFACTS (60%)

During your respective timetabled seminar sessions in week 2, 3, 4, and 5, you will be supported by the tutor to develop a 7-minute-long podcast involving two speakers discussing a specific cybersecurity breach. You are expected to learn and utilise a combination of various digital applications, including Microsoft Clipchamp and Google NotebookLM, to develop your podcast. Full guidance will be provided in a slide deck and practically at various points during the seminar sessions. For the case study, you can choose to base your podcast on (a) the 2025 cyber-attack on a UK retailer, The Co-Op, OR (b) the 2025 ransomware attack on another UK retailer, Marks and Spencer (M&S). Choose one case study only.

Your 7-minute podcast, involving two speakers, should provide a detailed and engaging discussion on only one of the two provided case studies. 

Your case study document must:

• Include a one-page executive summary: This portion should provide a high-level overview of your podcast’s content. It must include a brief synopsis of the chosen case study, key findings from your analysis, and your proposed solution. Think of this as a professional briefing document that someone in a leadership role could read to quickly grasp the essential details of your research. This half-page summary should be concisely written and to the point – and placed at the beginning of the document.
• Introduce the case study: Provide a brief overview of the chosen cyber-attack, including the date it occurred, the type of attack (e.g., ransomware, phishing), and the target organisation.
• Discuss the attack vectors: Explain how the cybercriminals gained access to the system. What vulnerabilities were exploited? This is where you’ll demonstrate your understanding of the technical side of the breach.
• Analyse the impacts: Discuss the consequences of the breach. This should cover both financial and reputational damage to the company, as well as the impact on customers and other stakeholders. This is where you’ll demonstrate your understanding of the business implications of the breach.
• Critique the response: Evaluate how the affected company responded to the breach. Did they communicate effectively with their customers? Were their mitigation strategies successful? What lessons can be learned from their response?
• Propose a solution: Based on your analysis, suggest a preventative strategy or a robust action plan that could have either prevented the breach or minimised its damage. This should demonstrate your ability to think strategically about risk management and information security. This is where you’ll demonstrate your understanding of the managerial side of the breach.
• Include a list of references: This is where you demonstrate the rigour of your research. You must provide a properly formatted list of all the sources you used to inform your podcast and executive summary. This should include academic papers, industry reports, news articles, and any other credible sources. Ensure to adopt APA 7th edition using proper in-text quotation and the actual reference list at the end. Additionally, insert hyperlinks to your referenced journal industry reports or websites, etc., where necessary. This list is essential for ensuring the credibility and academic integrity of your work.
  These segmented portions of the document are designed to enrich your presentation and showcase your analytical, technical, business, managerial, strategy, and research skills. Please restrict your document to five pages, maximum:
• One executive summary page, max. You can include the case study title, date, and you student roll number here too. 
• Three case study research notes pages, max, and
• One reference page, max.

Digital Application Utilisation 

A key component of this task is your ability to effectively use modern digital tools to enhance your workflow and the quality of your output, and to communicate academic language to a lay audience. You are expected to learn and utilise a combination of various digital applications, including Microsoft Clipchamp and Google NotebookLM.

Step 1: Google NotebookLM for Podcast production: Google NotebookLM is a powerful tool you will use to organise and synthesise your research materials. You will upload your chosen source documents, including your well-researched case study document, and relevant news articles, academic papers, and official reports related to your chosen case study into a new notebook. You should then leverage NotebookLM’s AI-powered capabilities to generate a two-person 7-minute-long podcast audio by activating the “Audio Overview” feature on the app. Once the audio is ready, preview it by listening from start to finish. If satisfied, download the .mp3 file, which will later be uploaded to Clipchamp. If unsatisfied with the output, tweak your input (i.e., the AI-generated prompt, and uploaded documents, etc.,) and repeat the process until you get a satisfactory podcast audio. This iterative creative process will help you understand the core issues of the breach, including the technical details, the business impact, and the company’s response. A step-by-step guide on how to create this audio file will be provided in a slide deck and in-class seminars.

Step 2: Microsoft Clipchamp for Podcast Post-Production: You will use Microsoft Clipchamp to produce and edit your podcast by uploading the .mp3 file downloaded from Google NotebookLM. Podcast production, in this regard, includes arranging segments, inserting background music, adding an introductory and concluding segment (e.g., a short jingle), inserting video or similar multimedia template elements (optional), and ensuring the final podcast is a professional, polished 7-minute podcast file. You will be assessed on the clarity of your audio, the seamlessness of your edits, and the overall quality of the final podcast file. This tool is chosen for its user-friendly interface and accessibility, allowing you to focus on the content and structure of your discussion. 

Remember that your goal is to not only demonstrate your technical and managerial understanding of a significant cybersecurity breach but also to showcase your ability to use modern digital tools for content creation, knowledge synthesis, and effective communication to a lay audience.

Stuck Your Assignment? Deadlines Are Near?

Hire Assignment Helper Now!

TASK 2: MULTIPLE-CHOICE QUESTIONS (40%)

During week 3, 4, 5, and 6, the respective MCQ segment of the Blackboard site for each week will open and you would be expected to attempt 20 multiple-choice questions, per week, directly drawn from the lecture theme discussed the prior week. Each question will be worth 0.5 marks. In other words, you can score up to a maximum of 10 marks per week if you get all the answers correctly. At the end of week 6, you must have completed all 80 questions as the segment will automatically close by 18:59 on Friday, the 24th of October 2025.

Furthermore, this segment of the assessment is practice based and directly aligned to key learnings from the British Computer Society’s Certificate in Information Security Management Principles (CISMP) and is particularly aimed at helping you prepare for the certification. 

Assessment Criteria

Digital Portfolio components	Detailed requirements
Task: Podcast Artefacts & Multiple-Choice Questions (100 marks)	Podcast (60 marks)		Discussion Points and Quality in the Podcast Audio submitted to Blackboard as a Clipchamp Link (30 marks)
				Case Study Content, Academic Rigour, and Presentation in the Microsoft Word document submitted to Turnitin on Blackboard as a .docx file (25 marks)
				Closed Caption (SubRip Subtitle) file submitted to Blackboard as .srt file (5 marks)
		Multiple Choice Questions (40 marks)		Week Three 20 MCQs (10 marks)
				Week Four 20 MCQs (10 marks)
				Week Five 20 MCQs (10 marks)
				Week Six 20 MCQs (10 marks)

How Your Digital Portfolio Will Be Marked

Your digital portfolio will be assessed based on several key criteria for both the podcast and the multiple-choice questions. We are looking for scholarly rigour, critical thinking, and the effective application of digital tools.

Marks Will Be Awarded For:

• Integration of a Wide Range of Knowledge: You’ll be marked on your ability to synthesise knowledge from various sources, including academic papers, industry reports, and reputable news sites. We expect you to go beyond the provided case study materials and discussions in the lectures and seminars to demonstrate a deep understanding of the topic
• Critical Analysis and Synthesis of a Theme: Your work should not be merely descriptive. We want to see you critically analyse the chosen cyber-attack, exploring its causes, impacts, and the response from the organisation. Your ability to show original thinking and connect different aspects of the breach is required.
• Appropriate Use of AI and Multi-media Elements: For the podcast, we are assessing how well you’ve used tools like Google NotebookLM and Microsoft Clipchamp to create a professional and engaging audio file.

This includes the quality of your audio, the seamlessness of your edits, and the inclusion of any optional multimedia elements. The submission of a professional-looking and functioning closed caption (.srt) file is also a key part of this criterion.

• Professional Academic Referencing: All claims in your case study document must be supported with evidence from a wide range of credible sources. You are expected to use APA 7th edition for both in-text citations and your final reference list, with active hyperlinks included for digital sources.
• Well-Structured and Professional Writing: Your podcast case study document should be well-organised, clear, and professional in its presentation. The one-page executive summary must be concise and to the point, while the 3-page main body of the document should flow logically from one section to the next.
• Understanding and Application of Concepts: Your work will be marked on how well you’ve understood and applied key concepts related to cybersecurity and information management, as aligned to the BCS Certificate in Information Security Management Principles, and covered in the lectures, seminars, and readings. This will be assessed in both your podcast and your performance in the weekly MCQs.

Marks May Be Deducted For:

• Plagiarism: Any unreferenced work copied from other sources will be penalised.
• Incomplete Tasks: Failing to submit all three required podcast artefacts (the case study document, the Clipchamp audio link, and the subtitle file) or not completing the weekly MCQs.
• Misunderstanding of Concepts: Submitting work that demonstrates a lack of understanding of the key concepts discussed in the module.
• Lack of Criticality or Imagination: Your work must be reflective and critical, not just a simple description of events. We are looking for originality and insight.
• Poor Effort: The quality of your submissions should reflect the effort expected of a master’s level student.
• Exceeding Time/Page Limits: Podcast audio files that are not within the 5- to 7-minute range and case study documents exceeding the 5-page limit may be penalised.

Please see the Assessment Marking Rubric at the end of this document for more details about mark allocations and your obligations.

Knowledge and Understanding

Assessed Intended Learning Outcomes

On successful completion of this assessment, you will be able to:

• Apply knowledge of core information security management concepts—including confidentiality, integrity, availability, vulnerability, threats, risks, and countermeasures – to real-world business and organisational scenarios (ILO 1).
• Develop strategic solutions for managing information and cybersecurity, encompassing risk management, threat analysis, security policies, and incident response, while considering legal, ethical, and regulatory requirements within a global and AI-reliant context (ILO 2).
• Critically evaluate various digital and AI-enabled architectural solutions and provide informed recommendations to ensure their safety and security (ILO 3).
• Mitigate the human factor in cybersecurity by applying knowledge and guidance to address the potential threats posed by user behaviour and human error (ILO 4).

Practical, Professional or Subject Specific Skills

• Information Security Management & Governance: You will be able to apply your knowledge of relevant current legislation and regulations (e.g., GDPR, NIS 2 Directive), as well as national and international standards and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework). This practical skill is essential for ensuring an organisation’s compliance and for developing robust governance policies in a global, AI-reliant environment (ILO 2).
• Strategic & Critical Thinking: You will learn to diagnose the complexities of information security management. This involves assessing the intricate interplay of technology, human factors, and business strategy to understand where vulnerabilities and risks exist within an organisation’s information environment (ILO 1, 2, & 4).
• Digital Skills & Tools Proficiency: This module requires you to demonstrate proficiency with a variety of digital tools. You will have developed your skills in using Microsoft Clipchamp for professional multimedia production and Google NotebookLM for advanced research and knowledge synthesis. This practical experience bridges the gap between academic theory and the digital competencies required in today’s workplace (ILO 1, 2, 3, & 4
• Professional Certification Preparation: The knowledge and skills you acquire will directly prepare you to sit for and undertake the BCS Certificate in Information Security Management Principles. This demonstrates your readiness to enter the professional world with a recognised industry certification (ILO 1, 2, 3, & 4).

Employability Skills developed / demonstrated	Communication YES Critical Thinking and Problem Solving YES Data Literacy YES Digital Literacy YES Industry Awareness YES Innovation and Creativity YES Proactive Leadership YES Reflection and Life-Long Learning YES Self-management and Organisation YES Team Working NO
Word count/ duration (if applicable)	Your assignment should be equivalent and up to the effort required to produce a 1,500-word academic essay. However, there is NO WORD COUNT LIMIT. Nevertheless, ensure to stick to the page-count limit with respect to the case study document, i.e., 5 pages, max.
Feedback arrangements	You can expect to receive summative feedback and provisional mark for this assignment on Turnitin within 15 working days of the submission date. An announcement will be sent out to draw your attention to it. Formative feedback (on-going) opportunities will be provided at weekly seminars throughout the module and, crucially, the assessment support seminar session in Week 6.
Use of Generative Artificial Intelligence (AI), Academic Integrity, and Referencing.	You are encouraged to use generative AI tools to aid in the technical creation of your podcast audio (e.g., prompt generation, podcast outlay suggestions, multimedia theme options, etc.) However, the content of your case study document, including all written text, critical analysis, and reflections, must be your original work. Students are expected to learn and demonstrate skills associated with good academic conduct (academic integrity). Good academic conduct includes the use of clear and correct referencing of source materials. Here is a link to where you can find out more about the skills which students need: Academic integrity & referencing Referencing   Academic Misconduct is an action which may give you an unfair advantage in your academic work. This includes plagiarism, asking someone else to write your assessment for you or taking notes into an exam. The University takes all forms of academic misconduct seriously.
Assessment Information and Support	Support for this Assessment You can obtain support for this assessment by arranged assignment drop-in sessions during module delivery, tutors’ emails/office hours, and Assignment Q&A Blackboard site.   You can find more information about understanding your assessment brief and assessment tips for success here. Assessment Rules and Processes You can find information about assessment rules and processes in the Assessment Support module in Blackboard.   Develop your Academic and Digital Skills Find resources to help you develop your skills here. Concerns about Studies or Progress If you have any concerns about your studies, contact your Academic Progress Review Tutor/Personal Tutor or your Student Progression Administrator (SPA). askUS Services The University offers a range of support services for students through askUS including Disability and Inclusion Service, Wellbeing and Counselling Services. Personal Mitigating Circumstances (PMCs) If personal mitigating circumstances (e.g. illness or other personal circumstances) may have affected your ability to complete this assessment, you can find more information about the Personal Mitigating Circumstances Procedure here.
In Year Retrieval Scheme	Your assessment is not eligible for in year retrieval.
Reassessment	If you fail your assessment, and are eligible for reassessment, the deadline of resubmission will be informed by the School Office in the due course. For students with accepted personal mitigating circumstances for absence/non submission, this will be your replacement assessment attempt.   Reassessment task is the same as the original task. The reassessment support will be provided in the format of two tutors’ drop-in sessions We know that having to undergo a reassessment can be challenging however support is available.  Have a look at all the sources of support outlined earlier in this brief and refer to the Personal Effectiveness resources.

Assessment Marking Rubric

Please see the Assessment Rubric below for more clarity on what we expect from you and how various segments of the assessment will be scored.

Criteria	Distinction (79-100%)	Merit (69-79%)	Good (59-69%)	Pass (49-59%)	Fail (0-49%)	Non-Submission/Wrong Submission (0%)
Integration of Knowledge	Demonstrates outstanding synthesis of knowledge from a wide range of academic and industry sources, showing a deep and comprehensive understanding that goes well beyond the provided materials.	Effectively synthesises knowledge from diverse sources, demonstrating a strong understanding of the topic.	Integrates knowledge from some sources, showing a solid understanding of the concepts discussed.	Shows a basic level of knowledge integration from a limited number of sources but may lack depth.	Shows little to no evidence of knowledge integration and may misinterpret core concepts.	The work shows no evidence of knowledge integration or is a non-submission.
Critical Analysis & Synthesis	Provides a highly critical and insightful analysis of the cyber-attack, demonstrating original thinking and an exceptional ability to connect different aspects of the breach. The work is not merely descriptive.	Critically analyses the chosen cyber-attack, exploring causes, impacts, and responses. The analysis shows good synthesis and connection of ideas.	Provides a clear analysis of the cyber-attack. The work is mostly descriptive but includes some critical points.	The work is largely descriptive, with limited or no critical analysis of the breach.	The work is completely descriptive, lacking any critical analysis, synthesis, or original thought.	The work is a non-submission or shows no attempt at analysis.
Use of Digital Tools & Multimedia	Expertly uses Google NotebookLM and Microsoft Clipchamp to produce a professional, highly engaging, and well-edited podcast with flawless audio quality and a perfect closed caption file.	Effectively uses digital tools to produce a professional and engaging podcast with good audio quality and a functional closed caption file.	Shows competence in using the digital tools to create a functional podcast and a basic closed caption file.	The use of digital tools is basic, resulting in a podcast that may lack professional polish or a fully functional closed caption file.	The podcast audio is unprofessional (e.g., poor quality, no edits) or the closed caption file is non-functional or of very poor quality. The submission lacks a required component (e.g., audio, case study, or subtitle file).	The submission is missing a required file (e.g., podcast audio, case study document, or subtitle file).
Professionalism & Rigour	Submissions are exemplary in every aspect, including perfect APA 7th edition referencing, logical structure, and concise writing in the case study document. No errors. The work demonstrates high originality and insight.	Submissions are professional and well-structured with accurate APA 7th edition referencing. The writing is clear, and the work reflects a good level of originality.	Submissions are generally professional, but may have minor issues with referencing, structure, or writing clarity.	Submissions have noticeable issues with referencing, structure, or clarity, reflecting a lack of professional presentation.	The work demonstrates poor academic conduct, including significant errors in referencing, poor structure, or a lack of professional presentation. Plagiarism or submitting work that is not you