course-details-portlet

IMT6111

Risk Management 1

Credits 5
Level Doctoral degree level
Course start Autumn 2016
Duration 1 semester
Language of instruction English
Examination arrangement Oral examination and Project work

About

About the course

Course content

Risk Management in the context of an Information Security Management system

Study of framework / standards for risk assessment

Learning outcome

When the course is completed, the student should have:Knowledge

Possesses advanced knowledge within specific frameworks /standards in Risk Management covered by the Master Programme.

Possesses insight and good understanding of the practical work of Risk Management in practical life

Skills

Is able to practice existing frameworks, standards and methods and to challenge established knowledge and practice in the media technology area.

Is able to use a given standard, framework or method in Risk Management and Risk Assessment in an organisation.

Is able to understand the nature of a Rsik Framework and how to apply this to an organisation

Is able to understand the major principles of Risk Management

Is able to understand which practical guidance and techniques are available

Guide to assist with the implementation of a Risk Management framework

Is able to apply a Risk Management standard/ framework to a practical case study

General CompetenceHaving completed the course, the students should have:

An advanced level of understanding of the structure and content of a risk management framework/ standard

An understanding of the advantages, challenges and complexity of working with Information Security Management and IT related risks in organisations.

An understanding of how to make well-informed decisions about and to respond to the extent of the IT risk

Learning methods and activities

Forelesninger|Gruppearbeid|Nettstøttet læring|Prosjektarbeid|Samling(er)/seminar(er)|Veiledning

Utfyllende informasjon:

The course will include an introductory lecture providing an overview of the course content. The primary teaching method for the course is project work. The students are required to carry out and document a Risk Management activity by means of a case study.Students are expected to present their work-in-progress at the seminars for discussions. Guidance, supervision and feedback will be provided during seminars only and given on material presented at the seminars only.Students that cannot be present during the seminars are expected to be present by means of the Fronter Teleconference tool.

Further on evaluation

Utfyllende om kontinuasjon:

Not allowed.

Vurderingsformer:

Project(s)

Oral exam (individual)

Both parts must be passed

The students are free to choose if they want to complete the project individually or in groups. Every group must have no more than 4 members, and all members of the group must be registered on the same course code.

Specific conditions

Admission to a programme of study is required:
Computer Science (PHD-CS)
Information Security (PHD-IS)

Course materials



ISO/IEC 27005:2011. Information security risk management

ISACA.www.isaca.org.  COBIT 5 for Risk

ISACA (www.isaca.org). The Risk IT Practitioner Guide. 2009.

 Additional Recommended reading

ISACA. COBIT 5. www.isaca.org

ISO/IEC 27001:2013. Information security management systems - Requirements

Subject areas

  • Informatics

Contact information

Department with academic responsibility

Department of Information Security and Communication Technology

Examination

Examination

Examination arrangement: Oral examination and Project work
Grade: Passed/Failed

Ordinary examination - Autumn 2016

Oral exam and Project Work
Weighting 100/100 Date 2016-10-20

All about examinations at NTNU