Information Security Management (5 cr)
Code: R0319-3001
General information
Enrollment
26.11.2018 - 02.12.2018
Timing
28.01.2019 - 22.04.2019
Number of ECTS credits allocated
5 op
Virtual proportion
5 op
Mode of delivery
Distance learning
Unit
Laurea university of applied sciences
Campus
Laurea common
Teaching languages
- English
Seats
20 - 40
Degree programmes
- Laurea täydentävä osaaminen, amk-tutkinto (TON2), Tietojenkäsittely ja tietoliikenne (ICT)
Teachers
- Paresh Rathod
- Pasi Kämppi
Teacher in charge
Paresh Rathod
Groups
-
CCN218SY
Learning outcomes
The student is able to
- evaluate the significance of different roles and the information security organization for the implementation of information security
- evaluate information risks directed at organizations systematically and apply risk management practices
- design an information security management system for an organization
- identify the essential elements of the auditing process and evaluate the possibilities of auditing to develop information security in an organization
- apply standards in the development of information security in an organization
- draw contingency plans for information systems
Teaching methods
- This study unit is fully online learning with the possibilities of volunteer tutoring meetings with the teachers.
- The tutoring meetings are not compulsory. Any student can participate tutoring meeting if they need any help from teachers.
- Virtual studies, weekly basis virtual learning and assignments
-------------------------------------------------------------------------------------------------------------------------------------------------------------
- Learning material is based on Certified Information Security Manager (CISM) certification training material
- The study unit provides preparatory training for CISM but not certification exam
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Study unit content:
- Module-0: Induction and Personal Study Plan
- Module-1: CISM: Information Security Governance (Part 1)
- Module-2: CISM: Information Security Governance (Part 2)
- Module-3: CISM: Information Security Governance (Part 3)
- Module-4: CISM: Information Risk Management and Compliance (Part 1)
- Module-5: CISM: Information Risk Management and Compliance (Part 2)
- Module-6: CISM: Information Security Program Development and Management (Part 1)
- Module-7: CISM: Information Security Program Development and Management (Part 2)
- Module-8: CISM: Information Security Program Development and Management (Part 3)
- Module-9: CISM: Information Security Program Development and Management (Part 4)
- Module-10: CISM: Information Security Program Development and Management (Part 5)
- Module-11: CISM: Information Security Incident Management (Part 1)
- Module-12: CISM: Information Security Incident Management (Part 2)
Location and time
- Not dependent on place or time (virtual studies)
Learning materials and recommended literature
- Learning material is based on Certified Information Security Manager (CISM) certification training material
- The study unit provides preparatory training for CISM but not certification exam
Important dates
- Study unit starts on week 5 (preliminary plan)
- Study unit ends on week 21 (preliminary plan)
- Detailed schedule is released at the beginning of the study unit
- NOTE: There can be scheduling changes
Forms of internationality
Teachers and students group are international (Finnish and English degree programme students).
Students workload
- 5 cr / 137,5 hours
- Study unit will last 16 weeks
Content and scheduling
- Module-0: Induction and Personal Study Plan
- Module-1: CISM: Information Security Governance (Part 1)
- Module-2: CISM: Information Security Governance (Part 2)
- Module-3: CISM: Information Security Governance (Part 3)
- Module-4: CISM: Information Risk Management and Compliance (Part 1)
- Module-5: CISM: Information Risk Management and Compliance (Part 2)
- Module-6: CISM: Information Security Program Development and Management (Part 1)
- Module-7: CISM: Information Security Program Development and Management (Part 2)
- Module-8: CISM: Information Security Program Development and Management (Part 3)
- Module-9: CISM: Information Security Program Development and Management (Part 4)
- Module-10: CISM: Information Security Program Development and Management (Part 5)
- Module-11: CISM: Information Security Incident Management (Part 1)
- Module-12: CISM: Information Security Incident Management (Part 2)
Further information for students
- Study unit is suitable for any graduate level student. Considering following points:
o Student must know: how company/organization works
o Students knows the basics of ICT-technologies
o Student is able to study with weekly based schedule
- NOTE: Any student who is willing to learn the overview of information security technologies, we recommend to participate following study unit: Introduction to Information Security
Grading scale
H-5
Evaluation methods and criteria
- Weekly study, assignment and tasks
- Students collect the points for different learning activities
- Online Tests
- Weekly studies
- Learning assignments and tasks
Evaluation criteria, fail (0)
0-49 points: 0
Evaluation criteria, satisfactory (1-2)
50-59 points: 1
60-69 points: 2
Evaluation criteria, good (3-4)
70-79 points: 3
80-89 points: 4
Evaluation criteria, excellent (5)
90-100 points: 5