Study Guide

Learning outcomes

The student is able to:
- define information and cyber security principles
- define fundamental information and cyber security compliance requirements, best practices and apply those
- assess and manage information and cyber security risks
- create information and cyber security procedures and guidelines

Teaching methods

The implementation plan is available in Finnish.

Grading scale

H-5

Qualifications

Before enrolling to this study unit, you should have adequate competence level of safety, security and risk management, which you can acquire for example by completing study unit Business Continuity 5 credits or Basics of Corporate Safety, Security and Risk Management 10 credits

Learning outcomes

The student is able to:
- define information and cyber security principles
- define fundamental information and cyber security compliance requirements, best practices and apply those
- assess and manage information and cyber security risks
- create information and cyber security procedures and guidelines

Teaching methods

The implementation plan is available in Finnish.

Grading scale

H-5

Qualifications

Before enrolling to this study unit, you should have adequate competence level of safety, security and risk management, which you can acquire for example by completing study unit Business Continuity 5 credits or Basics of Corporate Safety, Security and Risk Management 10 credits

Learning outcomes

The student is able to:
- define information and cyber security principles
- define fundamental information and cyber security compliance requirements, best practices and apply those
- assess and manage information and cyber security risks
- create information and cyber security procedures and guidelines

Teaching methods

This implementation is designed for blended learning. The course includes scheduled face-to-face sessions (beginning and end) as well as independent online learning. Guidance for course assignments is provided remotely via Zoom. The course involves both individual and group work. The implementation of the course is supported by the learning environment built in Canvas, where course materials, assignments, and important dates are gathered. It is crucial for learning to participate in face-to-face sessions held on campus according to the schedule. Feedback on assignments will be given by the teacher, either to groups or individuals.

NOTE:
- This study unit is preferably offered for students of Safety, Security and Risk Management as compulsory studies (HRA groups) and other students are eligible to be enrolled in case of free seats
- If you are not security management student, please review study unit Introduction for Information Security of IT degree

Learning materials and recommended literature

The teaching is primarily based on the ISO 27000 series of standards. As a student at Laurea, you can familiarize yourself with them at https://libguides.laurea.fi/security/standards. Other materials will be shared on Canvas.

Additionally, the course material includes the book: Mikko Hyppönen's "If It's Smart, It's Vulnerable." The book is also available in Finnish under the title "Internet."

Alternative completion methods of implementation

All students are entitled to demonstrate their competence. The recognition and accreditation of prior competence is initiated by the students themselves. The competence is recognized and accredited by the teacher responsible for the studies or another person designated to the position. The assessment is carried out according to the same assessment criteria and, as a rule, same grading scale as that adopted for the corresponding study unit or module. The student is entitled to apply for accreditation of prior competence regardless of where, how and when the competence has been acquired. The student may also seek accreditation of competence to be acquired on the job as part of their degree (work-based learning). ... The student is responsible for demonstrating and verifying their competence and for providing sufficient information.

For more information, please refer to the student intranet: https://laureauas.sharepoint.com/sites/studentEn_planningstudies/SitePages/Recognition-of-Prior-Learning.aspx


Students can also apply for the recognition of competence acquired through work as part of their degree (work-based learning). Students are responsible for demonstrating competence, providing evidence, and submitting sufficient information. The competence is assessed jointly by the student and the supervisor receiving the demonstration. For more information, please refer to the student intranet: https://laureauas.sharepoint.com/sites/studentEn_planningstudies/SitePages/Work-based-learning.aspx

Co-operation with working life and/or RDI

Some of the assignments can be implemented in collaboration with the working life.

Students are offered the opportunity to participate in the Cyber Morning seminar.

Important dates

According to the degree regulations (section 18) “students must be present in the first contact session or notify their teacher in charge if they cannot attend. If they fail to notify the teacher of their absence in the first contact session, their enrollment will be rejected. Another student in the queue may be enrolled in the study unit in the place of the absent student.” (Laurea degree regulations) In the case of online studies the lecturer can also specify some other way than participation on an online meeting what is required from the student so that he/she verifies his/her attendance on the study unit (Decision by the vice president, education 7/2019).

The course workspace will be published in Canvas by 9.1.2024.

The course begins on January 10, 2024. The opening lecture (January 10, 2024) and the closing lecture (May 16, 2024) will be held in face-to-face sessions and will not be recorded. The other three lectures can be viewed independently by the students. Important dates for the implementation are available to students on Canvas.

Assignment submission deadlines will be announced on Canvas at the beginning of the course. The exam will take place on May 7, 2024. If a student is unable to attend the exam or receives a fail grade, they have the opportunity to participate in a retake exam (a total of three opportunities).

Forms of internationality

The study unit is suitable for exchange students.

Students workload

The scope of the course is 5 ECTS credits, which corresponds to 135 hours of student work. This time includes face-to-face sessions, guidance, assignments, and independent study of the materials.

Content and scheduling

The course covers the basics of information and cyber security. The focus is on topics that security professionals should at least be aware of regarding information and cyber security. Completing the course does not require in-depth technical expertise or knowledge of the subject. The framework for the course is the ISO 27000 series of standards. The course is divided into five modules:
- Fundamentals
- Organizational control measures
- Personnel-related control measures
- Physical control measures
- Technological control measures.

Further information for students

The study unit corresponds to the requirements of Bachelor's level education.

Those enrolling in the course should have sufficient knowledge of the fundamentals of security and risk management, which can be obtained, for example, by completing the course Business Continuity 5 ECTS credits or Basics of Corporate Security and Risk Management 10 ECTS credits.

There are 5 spots available for open university of applied sciences students on the course. The course is also suitable for exchange students.

The quality of the study unit implementation has been assessed and the self-evaluation report is available in Canvas.

Grading scale

H-5

Evaluation methods and criteria

“The evaluation of competence is based on the descriptions of objectives in the curricula, and the level of competence is assessed according to the evaluation criteria listed in the implementation plan for the studies.” (Laurea degree regulations).

All tasks must be completed successfully to receive a passing grade for the course. The grade is based on six assessable tasks:
- Four group assignments, each carrying a weight of 10%
- One individual assignment, carrying a weight of 10%
- Exam, carrying a weight of 50%.

The tasks will be assessed within four weeks from the deadline, ensuring that the overall grade for the course will be given no later than three weeks after the final deadline.

In this study unit the assessing of the competences will be done by using the criteria set for requirement level I.

Professional knowledge basis, information searching and reporting

To achieve grade 5 student must be able to
- use professional concepts extensively
- compare and choose
- relevant information
- report and communicate in a professional manner

To achieve grade 3 student must be able to
- use professional concepts in a consistent manner when explaining various work practices and situations
- gather information and use their knowledge basis
- report in the agreed manner

To achieve grade 1 (or pass) student must be able to
- use essential professional concepts when explaining various work practices and situations
- search for information in different sources
- report

Professional practice and workplace development

To achieve grade 5 student must be able to
- work independently, using the skills and methods learned
- take responsibility for interaction with customers and/or co-operation partners and for responding to their needs
- anticipate their need for guidance

To achieve grade 3 student must be able to
- work using the skills and methods learned
- engage in professional interaction with customers and/or co-operation partners and identify their needs
- take part in guidance and utilise it

To achieve grade 1 (or pass) student must be able to
- work under guidance using the skills and methods learned
- interact with customers and/or co-operation partners
- receive guidance

Teamwork, skills, leadership, and responsibility

To achieve grade 5 student must be able to
- promote the team’s work and team spirit
- manage their time appropriately, completing the agreed tasks at the required quality level
- work responsibly, applying the skills and methods learned
- plan and evaluate their work, taking safety and/or ethical aspects into consideration

To achieve grade 3 student must be able to
- engage in goal-oriented work in a team
- plan and manage the progress of their work and use of time
- detect safety-related risks
- justify their actions in accordance with the professional code of conduct

To achieve grade 1 (or pass) student must be able to
- work as a member of a team
- plan the progress of their work and use of time under guidance
- work safely and in accordance with the professional code of conduct
- follow the provided instructions and rules

“Students who has failed to demonstrate their competence in accordance with the approved level must supplement or retake their study attainment in a manner and schedule defined by the teacher of the study unit. A failed exam or other study attainment can be retaken twice. A failure to attend an actual examination is considered to be one completion attempt." (Laurea degree regulations.)

All staff and students of Laurea are expected to adhere to good scientific practices, which includes appropriate referencing. Familiarise yourself with the practices and, if needed, ask for more information. All study assignments are to be done as individual work unless otherwise instructed. If Turnitin is used when assignments are checked, the lecturer will inform the students of this.

Evaluation criteria, fail (0)

The course will be evaluated as failed if any of the tasks are not submitted, if any of the tasks are rejected, or if the criteria for a grade of 1 are not met.

Evaluation criteria, satisfactory (1-2)

Professional knowledge basis, information searching and reporting

To achieve grade 1 (or pass) student must be able to
- use essential professional concepts when explaining various work practices and situations
- search for information in different sources
- report

Professional practice and workplace development

To achieve grade 1 (or pass) student must be able to
- work under guidance using the skills and methods learned
- interact with customers and/or co-operation partners
- receive guidance

Teamwork, skills, leadership, and responsibility

To achieve grade 1 (or pass) student must be able to
- work as a member of a team
- plan the progress of their work and use of time under guidance
- work safely and in accordance with the professional code of conduct
- follow the provided instructions and rules

Evaluation criteria, good (3-4)

Professional knowledge basis, information searching and reporting

To achieve grade 3 student must be able to
- use professional concepts in a consistent manner when explaining various work practices and situations
- gather information and use their knowledge basis
- report in the agreed manner

Professional practice and workplace development

To achieve grade 3 student must be able to
- work using the skills and methods learned
- engage in professional interaction with customers and/or co-operation partners and identify their needs
- take part in guidance and utilise it

Teamwork, skills, leadership, and responsibility

To achieve grade 3 student must be able to
- engage in goal-oriented work in a team
- plan and manage the progress of their work and use of time
- detect safety-related risks
- justify their actions in accordance with the professional code of conduct

Evaluation criteria, excellent (5)

Professional knowledge basis, information searching and reporting

To achieve grade 5 student must be able to
- use professional concepts extensively
- compare and choose
- relevant information
- report and communicate in a professional manner

Professional practice and workplace development

To achieve grade 5 student must be able to
- work independently, using the skills and methods learned
- take responsibility for interaction with customers and/or co-operation partners and for responding to their needs
- anticipate their need for guidance

Teamwork, skills, leadership, and responsibility

To achieve grade 5 student must be able to
- promote the team’s work and team spirit
- manage their time appropriately, completing the agreed tasks at the required quality level
- work responsibly, applying the skills and methods learned
- plan and evaluate their work, taking safety and/or ethical aspects into consideration

Qualifications

Before enrolling to this study unit, you should have adequate competence level of safety, security and risk management, which you can acquire for example by completing study unit Business Continuity 5 credits or Basics of Corporate Safety, Security and Risk Management 10 credits