SECORG - Information Security in Organisations

Level

Advanced level - Second cycle course

Required knowledge

In order to take this course the student must have:

• 7,5 credits in information security, for example the course ML470C Introduction to Information Security

Aim

After the course the student should be able to:

• Describe the key objectives, requirements, actors, activities and problems related to the management of information security in organisations.
• Explain the commonly used best practices, processes, standards and methods of analysis and management of information security in organisations.
• Apply in an independent and efficient manner, the central methods of analysis of information security in organisations.
• Know the meaning of key terms and concepts in the field of information security management.

Syllabus

The course covers the conditions and procedures for information security management in organisations and provides the essential knowledge, skills and assessment abilities required to act as information security adviser or information security manager. The course includes the following areas:

• Terminology
• Policy and guidelines for information security
• Methods for analysis of information
• Relevant objectives, requirements, actors, activities and problems
• Identification of protected information assets
• Key processes for information security management
• Marketing, information, awareness and education in information security in organisations
• Relevant standards and best practices
• Overview of current research in the area