DIFT2007 - Information security management


Examination arrangement

Examination arrangement: School exam
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
School exam 100/100 4 hours E

Course content

Cybersecurity terminology and history, legal and ethical issues in cybersecurity, vulnerability in digital infrastructures, identities, authentication and authorization, human aspects of cybersecurity, basic threat profiling, future visions for a more secure digital society. Information security management systems (ISMS), frameworks for security work, standards 27001 and 27002, risk analyzes, security policy, security culture and evaluation.

Learning outcome


the candidate can:

  • explain the application of the standards ISO 27001 and ISO 27002 with emphasis on both connections and differences between them
  • explain a step-by-step plan for the introduction of an information security management system and account for critical success factors in each of the phases
  • explain the importance of information security for the company's finances and reputation
  • give an account of the most commonly used concepts in cybersecurity as well as the subject's most important historical development
  • explain how vulnerabilities in digital infrastructures can arise and how the most common vulnerabilities can be counteracted


the candidate can:

  • make an assessment of strategy and measures for anchoring the safety work, based on a prior analysis of the situation in a specific company
  • carry out a risk analysis for a specific company based on a standard procedure and prioritize and implement relevant measures to reduce the risk value for identified threats
  • propose a strategy to involve both the company's own employees and any external expertise in the change processes related to the introduction of an ISMScarry out basic threat profiling and risk analysis
  • use tools to protect identities from common security attacks

General competence:

the candidate can:

  • account for society's vulnerability as a consequence of cybersecurity challenges
  • can search for and apply relevant subject matter to shed light on a given problem
  • convey subject matter both in writing and orally

Learning methods and activities

Lectures, major project work in groups, supervision meetings

Compulsory assignments

  • Compulsory assignments

Further on evaluation

Mandatory exercises. 6 exercises must be approved before you are allowed to take the exam.

The re-sit exam might be changed to oral exam.

The re-sit examination is held in November/December.

Specific conditions

Admission to a programme of study is required:
Digital Business Development (ITBAITBEDR)

Required previous knowledge

The course has study requirements, and is reserved for students admitted to the Bachelor in Digital Forretningsutvikling (Digital Business Development).

Course materials

Stated at the start of the semester.

Credit reductions

Course code Reduction From To
DCST2005 7.5 AUTUMN 2020
IBED2003 7.5 AUTUMN 2020
IINI2009 7.5 AUTUMN 2020
IDRI2004 7.5 AUTUMN 2020
INFT2001 7.5 AUTUMN 2020
DCSG2005 7.5 AUTUMN 2020
IFUD1119 7.5 AUTUMN 2020
More on the course



Version: 1
Credits:  7.5 SP
Study level: Intermediate course, level II


Term no.: 1
Teaching semester:  SPRING 2025

Language of instruction: Norwegian

Location: Trondheim

Subject area(s)
  • Computer Science
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of Computer Science


Examination arrangement: School exam

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn UTS School exam 100/100 E INSPERA
Room Building Number of candidates
Spring ORD School exam 100/100 E INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU