ID302809 - Information security


This course is no longer taught and is only available for examination. For a complete course description, see previous academic years.

Examination arrangement

Examination arrangement: Portfolio assessment
Grade: Letters

Evaluation Weighting Duration Grade deviation Examination aids
Portfolio assessment 100/100 A

Course content

The foundation for information security - terminology - integrity, confidentiality and availability Techological considerations regarding information security - Storage and use of digital information - Firewalls, backdoors, viruses, security breaches in applications - Security requirements to the systems - Risk management - Single point of failure, backup, physical safety measure - Problems addressing wireless - Cryptography and sertificates  Organizational problems regarding information security - Identify the human factor - Managements responsibilities for information security - Risk management and information assets management - Increase knowlegde regarding information security - The conflict between security and user friendly systems Importance of anchoring security work in the entire organization - Standards, laws and regulations

Learning outcome

Knowledge: - understand the meaning of information security - know and understand the key concepts within the area - have a good understanding of the value of information and information systems in organizations - know current threats to information security - have a good knowlede og the laws and regulations of the area - be familiar with recognized methods and standards for improved information security - have knowledge of relevant technical and organizational means to improve information security Skills: - do a risk analysis for an hypotetical organization (case) - recommend appropriate and effective measures to improve information security - prepare a contingency plan for a hypotetical business (case) - establish adequate security in restricted operating environment (lab) Competence: - be able to update their knowledge about information security - communicate their knowledge of information security also to persons without ICT background - be able to communicate on the subject with an organization's stratecic management

Learning methods and activities

teaching methods: Lectures, casestudies and assignments  Mandatory work requirements: All mandatory casestudies/assignments and the termpaper are to be delivered in time to get an assessment. Students Mandatory activities: 3-5 mandatory assignments. All the mandatory assignments have to be approved in order to get access to the exam, and they are part o the portfolio.

Further on evaluation

Portfolio assessment. The portfolio consist of a predefined number of case studies/assignments and a term paper/project. The assessment is an overall evaluation of the portfolio. Candidates may be called to an additional oral examination.

Specific conditions

Admission to a programme of study is required:
Engineering - Automation (017AU)
Engineering - Computer Science (004DA)

Course materials

Books: 1. Principles of Information Security (6th ed) Course Technology-Cengage Learning, 2018, ISBN-13 9781337102063. Michael E. Whitman and Herbert J. Mattord. 2. Håndbok i datasikkerhet - informasjonsteknologi og risikostyring (4. utgave) Tapir Akademisk Forlag, 2019, ISBN 978-82-450 2789-1.Torgeir Daler, Roar Gulbrandsen, Tore Audun Høie og Torbjørn Sjølstad.

Credit reductions

Course code Reduction From To
IDATA2501 7.5 AUTUMN 2021
More on the course



Version: 1
Credits:  10.0 SP
Study level: Third-year courses, level III


Language of instruction: English, Norwegian

Location: Ålesund

Subject area(s)
  • Engineering
Contact information

Department with academic responsibility
Department of ICT and Natural Sciences


Examination arrangement: Portfolio assessment

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn ORD Portfolio assessment 100/100 A





Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU