Examination arrangement

Course content

Historical Technology adoption and Information Security Problems and Solutions in Society Organization and for individuals

Technology enable crime in society and organization

Socio-technical metrics for cultural, and organizational changes.

Introduction to Socio-technical Risk, Threat and vulnerability Modeling

Root Cause Analysis - Society, Organization, Individual .

Learning outcome

Knowledge:

The students shall primarily understand the socio-technical ICT evolution that has taken place over the last thirty years that has led to a widening vulnerability gap between what we can do with ICT and what we can cost effective control with ICT.

The students shall be given a broad systems theory perspective connected to practical cases so they will have the insight to implement a roadmap for information security in organizations and businesses.

The candidate possess insight and understanding  of  technological enable crime

The candidate possesses good understanding of the socio-technical  risk anlaysis and reflect on the use appropriate security metrics for analysis.

Skills:

The student can use relevant systems sciences and socio-technical theory in independent research and development in information security organization and management

The student is capable of performing critical analysis of various literature sources and applying them in structuring and formulating scientific reasoning information security organization and management.

The student is capable of carrying out an independent limited research or development project in information security and management under supervision, following the applicable ethical rules.

General competence

The student is capable of analyzing relevant professional and research ethical problems in information security organization and management.

The student is capable of applying his/her information security knowledge and skills in new fields, in order to accomplish advanced tasks and projects.

The student is capable of discussing professional problems, analyses and conclusions in the information security organization and management, both with specialists and with general audience.

The student is capable of contributing to innovation and innovation processes in information security and socio-technical modeling and analysis for information security management.

Learning methods and activities

Forelesninger|Gruppearbeid|Nettbasert Læring|Nettstøttet læring|Obligatoriske oppgaver|Prosjektarbeid|Refleksjon|Samling(er)/seminar(er)

Utfyllende informasjon:

The course will be made accessible for both campus and remote students. Every student is free to choose the pedagogic arrangement form that is best fitted for her/his own requirement. The lectures in the course will be given on campus and are open for both categories of students. All the lectures will also be available on Internet through NTNU¿s learning management system.

Obligatoriske arbeidskrav:

Each group must present their mini case work s/case (approved/not approved)

Compulsory assignments

• Coursework Requirements

Further on evaluation

Utfyllende om kontinuasjon:

Ordinary re-sit examination in August for the written exam.

Vurderingsformer:

Project reports (49%)

Individual written exam (51%).

Both assessment parts must be passed.

Specific conditions

Course materials

Books/standards, conference/journal papers and web resources.

Roadmap to Information Security, For IT and Infosec Managers, Michael E Whitman, Hervert J Mattord,, Course Technology 2011.

Related articles

Compendium.

OptionalMichael Whitman, Herbert Mattord og Andrew Green: Principles of Incident Response and Disaster Recovery, 2nd Edition. Thomson, 2014.

Marie A. Wright: John S Kakalik , Information Security: Contemporary CasesInformation Security: Contemporary Cases , Jones and Bartlett Publishers, Inc. , USA ©2006 ISBN:0763738190

Credit reductions