ID302809 - Information security


Examination arrangement

Examination arrangement: Portfolio assessment
Grade: Letters

Evaluation form Weighting Duration Examination aids Grade deviation
Portfolio assessment 100/100 A

Course content

The foundation for information security
- terminology
- integrity, confidentiality and availability

Techological considerations regarding information security
- Storage and use of digital information
- Firewalls, backdoors, viruses, security breaches in applications
- Security requirements to the systems
- Risk management
- Single point of failure, backup, physical safety measure
- Problems addressing wireless
- Cryptography and sertificates 

Organizational problems regarding information security
- Identify the human factor
- Managements responsibilities for information security
- Risk management and information assets management
- Increase knowlegde regarding information security
- The conflict between security and user friendly systems

Importance of anchoring security work in the entire organization
- Standards, laws and regulations

Learning outcome

- understand the meaning of information security
- know and understand the key concepts within the area
- have a good understanding of the value of information and information systems in organizations
- know current threats to information security
- have a good knowlede og the laws and regulations of the area
- be familiar with recognized methods and standards for improved information security
- have knowledge of relevant technical and organizational means to improve information security

- do a risk analysis for an hypotetical organization (case)
- recommend appropriate and effective measures to improve information security
- prepare a contingency plan for a hypotetical business (case)
- establish adequate security in restricted operating environment (lab)

- be able to update their knowledge about information security
- communicate their knowledge of information security also to persons without ICT background
- be able to communicate on the subject with an organization's stratecic management

Learning methods and activities

teaching methods:
Lectures, casestudies and assignments 

Mandatory work requirements:
All mandatory casestudies/assignments and the termpaper are to be delivered in time to get an assessment.

Mandatory activities:
3-5 mandatory assignments. All the mandatory assignments have to be approved in order to get access to the exam, and they are part o the portfolio.

Further on evaluation

Portfolio assessment. The portfolio consist of a predefined number of case studies/assignments and a term paper/project. The assessment is an overall evaluation of the portfolio. Candidates may be called to an additional oral examination.

Specific conditions

Admission to a programme of study is required:
Engineering - Automation (017AU)
Engineering - Computer Science (004DA)

Course materials

1. Principles of Information Security (6th ed) Course Technology-Cengage Learning, 2018, ISBN-13 9781337102063. Michael E. Whitman and Herbert J. Mattord.

2. Håndbok i datasikkerhet - informasjonsteknologi og risikostyring (4. utgave) Tapir Akademisk Forlag, 2019, ISBN 978-82-450
2789-1.Torgeir Daler, Roar Gulbrandsen, Tore Audun Høie og Torbjørn Sjølstad.

More on the course



Version: 1
Credits:  10.0 SP
Study level: Third-year courses, level III


Term no.: 1
Teaching semester:  AUTUMN 2020

No.of lecture hours: 8

Language of instruction: English, Norwegian

Location: Ålesund

Subject area(s)
  • Engineering
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of ICT and Natural Sciences



Examination arrangement: Portfolio assessment

Term Status code Evaluation form Weighting Examination aids Date Time Digital exam Room *
Autumn ORD Portfolio assessment 100/100 A
Room Building Number of candidates
Spring UTS Portfolio assessment 100/100 A
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU