Course - Information security management - DIFT2007
Information security management
Assessments and mandatory activities may be changed until September 20th.
About
About the course
Course content
Cybersecurity terminology and history, legal and ethical issues in cybersecurity, vulnerability in digital infrastructures, identities, authentication and authorization, human aspects of cybersecurity, basic threat profiling, future visions for a more secure digital society. Information security management systems (ISMS), frameworks for security work, standards 27001 and 27002, risk analyzes, security policy, security culture and evaluation.
Learning outcome
Knowledge:
the candidate can:
- explain the application of the standards ISO 27001 and ISO 27002 with emphasis on both connections and differences between them
- explain a step-by-step plan for the introduction of an information security management system and account for critical success factors in each of the phases
- explain the importance of information security for the company's finances and reputation
- give an account of the most commonly used concepts in cybersecurity as well as the subject's most important historical development
- explain how vulnerabilities in digital infrastructures can arise and how the most common vulnerabilities can be counteracted
Skills:
the candidate can:
- make an assessment of strategy and measures for anchoring the safety work, based on a prior analysis of the situation in a specific company
- carry out a risk analysis for a specific company based on a standard procedure and prioritize and implement relevant measures to reduce the risk value for identified threats
- propose a strategy to involve both the company's own employees and any external expertise in the change processes related to the introduction of an ISMScarry out basic threat profiling and risk analysis
- use tools to protect identities from common security attacks
General competence:
the candidate can:
- account for society's vulnerability as a consequence of cybersecurity challenges
- can search for and apply relevant subject matter to shed light on a given problem
- convey subject matter both in writing and orally
Learning methods and activities
Lectures, major project work in groups, supervision meetings
Compulsory assignments
- Compulsory assignments
Further on evaluation
Compulsory assignments: 6 exercises must be approved before you are allowed to take the exam.
The re-sit exam might be changed to oral exam.
The re-sit examination is held in November/December.
Specific conditions
Admission to a programme of study is required:
Digital Business Development (ITBAITBEDR)
Recommended previous knowledge
None
Required previous knowledge
The course has study requirements, and is reserved for students admitted to the Bachelor in Digital Forretningsutvikling (Digital Business Development).
Course materials
Stated at the start of the semester.
Credit reductions
| Course code | Reduction | From |
|---|---|---|
| IBED2003 | 7.5 sp | Autumn 2020 |
| IINI2009 | 7.5 sp | Autumn 2020 |
| IDRI2004 | 7.5 sp | Autumn 2020 |
| INFT2001 | 7.5 sp | Autumn 2020 |
| IFUD1119 | 7.5 sp | Autumn 2020 |
| DCST1002 | 5 sp | Autumn 2025 |
| DCST2005 | 2.5 sp | Autumn 2025 |
| DCSG2005 | 2.5 sp | Autumn 2025 |
Subject areas
- Computer Science
Contact information
Course coordinator
Lecturers
Department with academic responsibility
Examination
Examination
Re-sit examination - Autumn 2025
School exam
The specified room can be changed and the final location will be ready no later than 3 days before the exam. You can find your room location on Studentweb.