IIKG3000 - Introduction to informations security and privacy


Examination arrangement

Examination arrangement: Portfolio
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
Portfolio 100/100

Course content

The way systems are developed and operated is changing. Professionals who, in the past, might have been regarded as conventional end-users, now play a role in the development and operation of information systems. Contemporary engineers and scientists are now expected to possess a range of information technology skills. For example, they are expected to use these skills to build a web-based front end for their application, to interact with and control IoT devices, to integrate with third-party services and infrastructure, or to leverage data as a commodity. With these everyday skills comes a responsibility to ensure that security and privacy concerns are adequately considered in the systems that they build and work with. However, we see many public examples of where this does not happen: security and privacy breaches are reported for information systems, medical devices, industrial control systems, and more.

The objective of this introductory course is to provide a basic competence in a selection of contemporary information security and privacy topics. It is intended for students who expect to play a role in the development and operation of information systems.     

Learning outcome

After having completed the course the student will have have aquired the following learing outcomes in terms of knowledge, skills and general competence:


  • Has broad knowledge of important topics, theories, issues, processes, tools and methods within information security and privacy
  • Is familiar with research and development work in information security and privacy
  • Can update his/her knowledge in information security and privacy
  • Has knowledge of the history, traditions, distinctive character and place in society of the academic field.


  • Can apply academic knowledge and relevant results of research and development work in information security and privacy to practical and theoretical problems within other domains and make well-founded choices
  • Can reflect upon his/her own academic practice and adjust it under supervision
  • Can find, evaluate and refer to information and scholarly subject matter and present it in a manner that sheds light on the problem
  • Masters relevant scholarly tools, techniques and forms of communication .

General Competence

  • Can analyse relevant academic, professional and research ethical problems
  • Can apply his/her knowledge and skills in new areas in order to carry out advanced assignments and projects
  • Can communicate extensive independent work and masters language and terminology of the academic field
  • Can communicate about academic issues, analyses and conclusions in the field, both with specialists and the general public
  • Can contribute with perspectives related to information security and privacy in new thinking and innovation processes.

Learning methods and activities

The course is based on a combination of lectures, team work, and self-defined project work. The students are encouraged to work on topics related to their primary interest field with a focus on technological and organizational challenges related to information security and privacy. In addition the students are challenged to create digital presentation and execute peer review of the work of other students.

The course in based on Blackboard as a digital learning platform and physical gatherings. The participants will be partitioned in teams, and real time team participation is expected. The project work can be done individually or in groups (different from the more structural teams mentioned above). The project work is to be documented as a portfolio with focus on self-defined topics within information security and privacy.

The learning activities include:

  • Lectures
  • Group work
  • Plenary presentations
  • Experience exchange in plenary settings
  • Written works.

This is a multi-campus course. Lectures and activities will partly will be organized on all NTNU campus with active student in the course, partially online.

Further on evaluation

The portfolio consists of

  • Two digital presentations
  • Two peer reviews
  • Three written works (individual or in groups)

Portfolio assessment failure implies a course retake

Course materials

  • M. Whitman og H. Mattord: Principles of Information Security, CENGAGE, 6. Utgave, 2019
  • Distributed material

Credit reductions

Course code Reduction From To
TDT4237 2.5 AUTUMN 2021
IMT4113 2.5 AUTUMN 2021
DCSG1002 5.0 AUTUMN 2021
DCST1002 5.0 AUTUMN 2021
More on the course



Version: 1
Credits:  7.5 SP
Study level: Second degree level


Term no.: 1
Teaching semester:  AUTUMN 2022

Language of instruction: Norwegian

Location: Ålesund , Gjøvik , Trondheim

Subject area(s)
  • Information Security
Contact information
Course coordinator:

Department with academic responsibility
Department of Information Security and Communication Technology


Examination arrangement: Portfolio

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn ORD Portfolio 100/100





Room Building Number of candidates
Autumn UTS Portfolio 100/100
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU