This course syllabus is discontinued or replaced by a new course syllabus.


Örebro University School of Business

Course Syllabus


Informatics, Applied Information Security Management, Second Cycle, 12 Credits


Course Code: IK405A
Subject Area: Field of Technology
Main Field of Study: Informatics
Credits: 12
Subject Group (SCB): Informatics/Computer and Systems Sciences
Education Cycle: Second Cycle
Progression: A1F
Established: 2017-11-17
Last Approved: 2018-09-27
Valid from: Spring semester 2019
Approved by: Head of School


Aims and Objectives

General aims for second cycle education

Second-cycle courses and study programmes shall involve the acquisition of specialist knowledge, competence and skills in relation to first-cycle courses and study programmes, and in addition to the requirements for first-cycle courses and study programmes shall
- further develop the ability of students to integrate and make autonomous use of their knowledge
- develop the students' ability to deal with complex phenomena, issues and situations, and
- develop the students' potential for professional activities that demand considerable autonomy, or for research and development work.

(Higher Education Act, Chapter 1, Section 9)

Course Objectives

1. Based on relevant theories, understand the different types of management systems that exist in an organization and that there may be conflicts between these different management systems.
2. Have the ability to carry out an information asset classification for a specific case.
3. Have the ability to carry out a risk analysis for a specific case.
4. Be able to compare and contrast information asset classification and risk analysis.
5. Be able to analyze how an organization has applied ISO 27001, ISO 27002 and ISO 22301.
6. Based on relevant theories and methods understand and assess business management consequences of investments in information security given a specific case.
7. Based on guidelines for oral and written communication, have the ability to design a presentation about information security for a specific target group with a specific purpose.


Main Content of the Course

The course consists of six modules:

1. Management systems: organizational management systems and information security management systems, as well as potential conflicts between different goals and different management systems. (Addressing goal 1)

2. The ISO standards ISO 27001, ISO 27002 and ISO 22301: applications of these standards as well as knowledge about the certification process. (Addressing goal 5)

3. Information asset classification: introducing a method for information asset classification and how it can be applied, how to carry out an information asset classification. Be able to discuss the relation between information asset classification and risk analysis. (Addressing goal 2)

4. Risk analysis: introducing a method for risk analysis and how it can be applied, how to carry out a risk analysis. Be able to discuss the relation between information asset classification and risk analysis. (Addressing goals 2, 3 & 4)

5. Business management considerations: Knowledge about and the ability to assess consequences of investments in information security (e.g., ethics, opportunities, ROI, cost-benefit, evaluation, auditing). (Addressing goal 6)

6. Target-group-specific communication and presentation skills: how to design a presentation for top management. (Addressing goal 7)


Teaching Methods

The teaching methods employed are anchored in flipped classroom and case-based learning. Flipped classroom means focusing on exploring topics in greater depth and creating meaningful learning opportunities in class time, while content delivery is made outside of the classroom. Case-based learning means that scenarios from real-world examples are used as a point of departure for in-class activities and assignments. In this course these teaching methods are implemented through online and campus lectures, individual readings and seminars where different cases are discussed and analyzed.

Students who have been admitted to and registered on a course have the right to receive tuition and/or supervision for the duration of the time period specified for the particular course to which they were accepted (see the university's admission regulations (in Swedish)). After that, the right to receive tuition and/or supervision expires.


Examination Methods

Seminar, 1 Credits. (Code: 0110)
Seminar where different management systems are presented and discussed on a group basis (Assesses goal 1).
Oral and Written Group Presentation, 2 Credits. (Code: 0120)
Oral and written group presentation of a plan on how to implement an information management system in a specific organization (Assesses goals 1, 2, 3 and 5).
Oral Group Presentation I, 2 Credits. (Code: 0130)
Oral group presentation of an information asset classification (Assesses goals 3 and 7).
Oral Group Presentation 2, 2 Credits. (Code: 0140)
Oral group presentation of a risk analysis and how information asset classification and risk analysis are related (Assesses goals 4, 5 and 7).
Individual Written Assessment, 2.5 Credits. (Code: 0150)
Individual written assessment of other students' plans (based on provided criteria) (Assesses goals 1, 2, 3 and 5).
Individual Written and Oral Presentation, 2.5 Credits. (Code: 0160)
Individual written and oral presentation of a business assessment of, and argumentation for, investments in information security (Assesses goals 6 and 7).

For further information, see the university's local examination regulations (in Swedish).


Grades

According to the Higher Education Ordinance, Chapter 6, Section 18, a grade is to be awarded on the completion of a course, unless otherwise prescribed by the university. The university may prescribe which grading system shall apply. The grade is to be determined by a teacher specifically appointed by the university (an examiner).

According to regulations on grading systems for first- and second-cycle education (vice-chancellor's decision 2010-10-19, reg. no. CF 12-540/2010), one of the following grades is to be used: fail, pass, or pass with distinction. The vice-chancellor or a person appointed by the vice-chancellor may decide on exceptions from this provision for a specific course, if there are special reasons.

Grades used on the course are Fail (U), Pass (G) or Pass with Distinction (VG).

Seminar
Grades used are Fail (U) or Pass (G).
Oral and Written Group Presentation
Grades used are Fail (U) or Pass (G).
Oral Group Presentation I
Grades used are Fail (U) or Pass (G).
Oral Group Presentation 2
Grades used are Fail (U) or Pass (G).
Individual Written Assessment
Grades used are Fail (U), Pass (G) or Pass with Distinction (VG).
Individual Written and Oral Presentation
Grades used are Fail (U), Pass (G) or Pass with Distinction (VG).


FINAL GRADE
The final grade will be translated into the ECTS grading scale.

In order to receive the grade Pass, the student must be awarded at least Pass on all examinations. In order to receive the grade Pass with Distinction, the student must be awarded Pass with Distinction on Individual Written Assessment and Individual Written and Oral Presentation and Pass on all other examination parts.


For further information, see the university's local examination regulations (in Swedish).


Specific entry requirements

Informatics, Basic Course 30 Credits, 30 Credits at intermediate course level within Informatics and successful completion of at least 15 Credits at advanced course level within Informatics. Alternatively Business Administration, Basic Course, 30 Credits, Business Administration, Intermediate Course, 30 Credits and successful completion of at least 15 Credits at advanced course level within Business Administration. Alternatively 30 Credits within G1N in Computer Science and 45 Credits within G1F in Computer Science.
In addition, successful completion of at least 22.5 Credits in the first semester of the Master's Programme in Information Systems - Information Security Management and successful completion of the course "English B/English 6" from the Swedish Upper Secondary School or equivalent is required.

For further information, see the university's admission regulations (in Swedish).


Transfer of Credits for Previous Studies

Students who have previously completed higher education or other activities are, in accordance with the Higher Education Ordinance, entitled to have these credited towards the current programme, providing that the previous studies or activities meet certain criteria.


For further information, see the university's local credit transfer regulations (in Swedish).


Other Provisions

Remaining tasks should be completed as soon as possible according to the teacher's instructions.


Reading List and Other Teaching Materials

Required Reading

Dhillon, Gurpreet (2018)
Information Security: Text & Cases
Prospect Press, 413 pages


Additions and Comments on the Reading List

The standards that are used during the course will be made available via the University library's homepage. Additional research papers and course material, approximately 200 pages, will be made available by the department.

