course-details-portlet

IDATA2501

Information security

Lessons are not given in the academic year 2025/2026

Credits 7.5
Level Third-year courses, level III
Language of instruction English and norwegian
Location Ålesund

About

About the course

Course content

The foundation for information security

  • Terminology
  • Integrity, confidentiality and availability

Techological considerations regarding information security

  • Storage and use of digital information
  • Firewalls, backdoors, viruses, security breaches in applications
  • Security requirements to the systems
  • Risk management
  • Single point of failure, backup, physical safety measure
  • Problems addressing wireless
  • Cryptography and certificates

Organizational problems regarding information security:

  • Identify the human factor
  • Managements responsibilities for information security
  • Risk management and information assets management
  • Increase knowlegde regarding information security
  • The conflict between security and user friendly systems

Importance of anchoring security work in the entire organization: standards, laws and regulations.

Learning outcome

Knowledge:

  • understand the meaning of information security
  • know and understand the key concepts within the area
  • know current threats to information security
  • have a good knowledge of the laws and regulations of the area
  • be familiar with recognized methods and standards for improved information security
  • have knowledge of relevant technical and organizational means to improve information security

Skills:

  • do a risk analysis for an hypothetical organization (case)
  • recommend appropriate and effective measures to improve information security
  • prepare a contingency plan for a hypothetical business (case)
  • establish adequate security in restricted operating environment (lab)

Competence:

  • be able to update their knowledge about information security
  • communicate their knowledge of information security also to persons without ICT background
  • be able to communicate on the subject with an organization's strategic management

Learning methods and activities

Teaching methods: Lectures, case studies and assignments

Mandatory activities: 3-5 mandatory assignments. All the mandatory assignments have to be approved in order to get access to the exam.

Compulsory assignments

  • Mandatory assignments

Further on evaluation

The portfolio consists of a predefined number of case studies/assignments and a term paper/project.

The portfolio contains assignments that are carried out, digitally documented and submitted during the term. Both individual and team assignments may be given. Assignments are designed to help students achieve specific course learning outcomes, and formative feedback is given during the period of the portfolio. The assessment is an overall evaluation of the portfolio. Candidates may be called to an additional oral examination.

Specific conditions

Admission to a programme of study is required:
Computer Science - Engineering (BIDATA)

Course materials

Announced at the start of the semester

Credit reductions

Course code Reduction From
ID302809 7.5 sp Autumn 2021
This course has academic overlap with the course in the table above. If you take overlapping courses, you will receive a credit reduction in the course where you have the lowest grade. If the grades are the same, the reduction will be applied to the course completed most recently.

Subject areas

  • Information Security

Contact information

Department with academic responsibility

Department of ICT and Natural Sciences

Examination

Examination