Course - Introduction to Information Security Management - IMT4115
IMT4115 - Introduction to Information Security Management
About
New from the academic year 2016/2017
Examination arrangement
Examination arrangement: Written exam and Project work
Grade: Letters
| Evaluation | Weighting | Duration | Grade deviation | Examination aids |
|---|---|---|---|---|
| Project work | 49/100 | |||
| Written examination | 51/100 | 2 timer |
Course content
Introduction to System Thinking and Scientific Management
Cultural, Organization and Behavior theories used information security management organization.
Legal and Ethical Aspects of Information and Privacy Management.
Overview of current information security management standards and practices
Basic Micro and Macro Theory of Information Security
Introduction to Risk, Threat and vulnerability Modeling
Information Security Management and Security Awareness education and training
Overview of Security Planning and Incident Management
Learning outcome
Knowledge:
The candidate possess through knowledge of the fundamental theories , models practices of information security management for both large and small organization.
The candidate possess insight and understanding of ethical and legal aspect information security management and privacy management
The candidate possesses good understanding of the risk management processes
The candidate possesses good understanding of security planning and incident management process
The candidate possess insight and good understand of security awareness and security escalations issues in information security management work
The candidate possess insight and good understand of both macro and micro economics issues in information security management.
The candidate possess insight of the technological innovation process in IT security and its effect on security management.
The candidate possess basic knowledge of the standards in information security management
Skills:
The candidate is capable of analyzing existing theory , models and methods in the field of information security management and work independently on solving theatrical and practical problems.
The candidate is capable of applying his/her knowledge to both modeling the potential problems and the solutions in information security management and be able to communicate this problems and solutions using basic rhetorical skills.
The candidate is capable of using and the basic terminology and is aware of the basic standards used in the area.
General competence:
Can participate in group work and manage different organization roles of information security management.
Learning methods and activities
Forelesninger|Gruppearbeid|Nettbasert Læring|Nettstøttet læring|Obligatoriske oppgaver|Prosjektarbeid|Refleksjon|Samling(er)/seminar(er)
Utfyllende informasjon:
The course will be made accessible for both campus and remote students. Every student is free to choose the pedagogic arrangement form that is best fitted for her/his own requirement. The lectures in the course will be given on campus and are open for both categories of students. All the lectures will also be available on Internet through GUC¿s learning management system (Fronter).
Obligatoriske arbeidskrav:
Each group must present and get approval on their mini case work s/case.
Compulsory assignments
- Coursework Requirements
Further on evaluation
Utfyllende om kontinuasjon:
Ordinary re-sit examination for the written exam in August.A new, written assignment must also be completed for failed project report.
Vurderingsformer:
Project reports (49%)
2-hours written individual exam (51%).
Each part must be passed to pass the course.
Specific conditions
Admission to a programme of study is required:
Information Security (MIS)
Information Security (MISD)
Course materials
Books/standards, conference/journal papers and web resources.Maani, Kambiz E.; Cavana, Robert Y. Systems Thinking And Modelling. Pearson Education. 9781877371035Optional:Michael Whitman, Herbert Mattord og Andrew Green: Principles of Incident Response and Disaster Recovery, 2nd Edition. Thomson, 2014.
Marie A. Wright: John S Kakalik , Information Security: Contemporary CasesInformation Security: Contemporary Cases , Jones and Bartlett Publishers, Inc. , USA ©2006 ISBN:0763738190
PDF Version of slides and exercises as published on-lineLiterature:
Alan Calder & Steve Watkins. IT Governance : IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002. Fourth Edition. Kogan Page. 2008.Peter L. Bernstein, "Against the Gods - the Remarkable Story of Risk", John Wiley & Sons, ISBN 0-471-29563-9 ,Paperback, 1998
Credit reductions
| Course code | Reduction | From | To |
|---|---|---|---|
| IMT4571 | 2.5 |
No
Version: 1
Credits:
7.5 SP
Study level: Second degree level
Term no.: 1
Teaching semester: AUTUMN 2016
Language of instruction: English
-
- Information Security
- Stewart James Kowalski
Department with academic responsibility
Department of Information Security and Communication Technology
Examination
Examination arrangement: Written exam and Project work
- Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
- Autumn ORD Project work 49/100
-
Room Building Number of candidates - Autumn ORD Written examination 51/100 2016-12-14 10:00
-
Room Building Number of candidates - Summer KONT Written examination 51/100 2017-08-11 09:00
-
Room Building Number of candidates
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"