•   Information and Cyber Security Management TO00BN70-3003 07.01.2021-31.07.2021  10 credits  (CCM220SY, ...) +-
    Learning outcomes of the course
    The student is able to:
    - define information and cyber security compliance requirements, best practices and apply those
    - assess and manage information and cyber security risks
    - create administrative, operational, technical and physical procedures
    - plan, assess and develop information and cyber security
    Prerequisites and co-requisites
    Before enrolling to this study unit, you should have adequate competence level of safety, security and risk management, which you can acquire for example by completing study unit Business Continuity 5 credits or Basics of Corporate Safety, Security and Risk Management 10 credits
    Teacher in charge

    Kaci Bourdache

    Mode of delivery

    20% Face-to-face, 80% Distance learning

    Learning materials and recommended literature

    Latest at the end of each theme the relevant study materials are presented (themes can be found in Content and scheduling) The development assignment requires at least the knowledge of professional concepts and background theory. The exam focuses on knowledge of relevant legislation. Materials created by teachers (copyright holders) are licensed CC-BY-NC-SA unless otherwise noted.

    Teaching methods

    The study unit includes a development assignment in groups as well as contact- and online studies.

    Communication of study unit will be handled via a MS Teams group created for all participants Private messages to teachers should be handled via email.

    For those in risk groups or otherwise absent due to corona-related reasons attendance in contact sessions is made possible online as much as it is possible, taking into account the nature of the teaching. Do not participate in contact teaching when ill!

    Evaluation methods and criteria

    In this study unit the assessing of the competences will be done by using the criteria set for requirement level 2.

    The grade of the study unit is determined as the weighted overall result of two assessed implementation parts.
    The implementation parts to be assessed are:
    -Development assignment in groups: 70% of grade
    -Individually completed porfolio assignment: 30% of grade
    -Individually completed online exam: 30% of grade

    Online exam is evaluated based on points.

    Language of instruction
    • English
    Completion language(s)
    • English
    Timing

    07.01.2021 - 31.07.2021

    Enrollment period

    23.11.2020 - 16.12.2020

    Group(s)
    • CCM220SY
    • TOP220SY
    Seats

    20 - 80

    Unit

    Laurea Leppävaara, service

    Teacher(s)

    Ilona Frisk, Kaci Bourdache, Anja Aatsinki

    Further information for students

    IMPORTANT! Read carefully! If anything below is unclear, please be in touch with the responsible teacher.

    1. Before enrolling to this study unit, you should have adequate competence level of safety, security and risk management, which you can acquire for example by completing study unit Business Continuity Planning 5 cr or Basics of Corporate Security and Risk Management 10 cr. If your expertise is not clear via previous completed studies above, be in touch. This requirement applies to open UAS students as well.

    2. Those enrolling are recommended to have completed the study unit Information- and Cybersecurity 5 cr, or have the relevant knowledge. This study unit does not cover the basics of issues.

    3. Some studies implemented 2019 and before affect the extent and content of this study unit.
    If you have completed one of the study units below, the extent is 5 cr.
    If you have completed two or more of the study units below, do not enroll to this study unit at all.
    - Fyysinen turvallisuus / Physical Security
    - Työ- ja henkilöstöturvallisuus / Occupational Safety and Personnel Security
    - Information Security Management
    - Cybersecurity
    Members of project groups must have the same extent and content, because earlier completions affect the assignment!
    Exchange students with previous studies that are above basic- or introductory level and concern Information Security Management, Cybersecurity Management, Personnel Security or Physical Security should be in touch with responsible teacher; your previous knowledge may be taken into account.

    4. Quota for open university students of 10 places and a quota for 3UAS (3AMK) students of 10 places.

    Programme(s)

    Degree Programme in Safety, Security and Risk Management (HRA), Laurea Leppävaara, Turvallisuuden ja riskienhallinnan koulutus (HTA2), Laurea Leppävaara (Finnish)

    Campus

    Laurea Leppävaara

    RDI portion

    3 credits

    Virtual portion

    8 credits

    Evaluation scale

    H-5

    Alternative completion methods

    -Recognition of Prior Learning
    -Work-based Learning
    If you wish to propose either of these, please be in touch as soon as possible after enrolling.

    Co-operation with working life and/or RDI

    The study unit uses working life experts.
    The development assignment is project-based and based on working life requirements.

    Important dates

    -First contact session, accepting place in study unit and handing out of development assignment: between 15th of January 2021.
    -Return of development assignment: 21st May
    -Online exam must be completed: 6.5-11.5
    -1st exam retake: 20.5-25.5
    -2nd exam retake: 10-15.6
    (Incomplete or skipped exams count as one attempt, except for force majeure-cases handled separately)

    Internationality

    Study unit is implemented in English using international sources.
    Study unit is attended by exchange students.

    Students workload

    Attendance in all contact sessions is recommended.
    Students should prepare for following workload:
    -Workload total is 10 credits = 270 hours, everything included.
    -Implementation lasts 16 weeks. Students should book on average 16-17 hours every week after the study unit begins.
    -New subjects and materials are presented every 4-5 weeks, split into themes.
    Assessment of hourly workloads:
    -Contact sessions 16 hours
    -Online studying and independent study online/with distributed materials 92 hours
    -Group work on development assignment and guidance 113 hours
    -Exam and preparation for it (independent study) 49 hours

    Content and scheduling

    Teaching has been divided into four themes. Every theme has a contact session and online studies. The exam that will be completed at the end of the study unit has questions from every theme.
    Themes and notes:
    - Theme 1: Information Security Management. As student that has completed the study unit Information Security Management previously is exempted from contact sessions and exam questions on this theme.
    - Theme 2: Personnel Security. A student that has completed the study unit Occupational Safety and Personnel Security previously is exempted from contact sessions and exam questions on this theme.
    - Theme 3: Cybersecurity Management. A student that has completed the study unit Cybersecurity previously is exempted from contact sessions and exam questions on this theme.
    - Theme 4: Physical Security. A student that has completed the study unit Physical Security previously is exempted from contact sessions and exam questions on this theme.
    -Return of development assignment: 21st May
    -Online exam must be completed: 6.5-11.5
    -1st exam retake: 20.5-25.5
    -2nd exam retake: 10-15.6

    Location and time

    Times and dates of teaching are in Pakki.
    Study unit begins with online session 15th of January 2021. According to the degree regulations, accepting your place in the study unit requires presence in the first session or an appropriate announcement of your absence.
    Some of the contact sessions may be arranged outside of campus.

    Evaluation criteria
    Satisfactory

    A satisfactory (1) exam result has 50-59% of maximum score. A satisfactory (2) exam result has 60-69% of maximum score. The development assignment is graded Satisfactory (1), if the assignment or group: -Follows the given assignment -Uses professional concept consistently -Shows that they have familiarized themselves with the knowledge base -Is able to report and communicate professionally -Is able to act independently taking into account the operating environment The development assignment is graded Satisfactory (2), if the assignment or group fulfills the above criteria and in addition some of the criteria of Good (3-4).

    Good

    A good (3) exam result has 70-79% of maximum score. A good (4) exam result has 80-89% of maximum score. The development assignment is graded Good (3), if the assignment or group: -Follows the given assignment -Critically evaluates information and justify their actions with science-based knowledge -Proposes professional, creative solutions -Is able to report and communicate professionally -Is able to act independently taking into account the operating environment The development assignment is graded Good (4), if the assignment or group fulfills the above criteria and in addition some of the criteria of Excellent (5)

    Excellent

    An excellent (5) exam result has 90-100% of maximum score. The development assignment is graded Excellent (5), if the assignment or group: -Follows the given assignment -Analyses the acquired information, draws conclusions and combines theoretical knowledge with experiential knowledge -Proposes professional, creative solutions -Evaluates the applicability of produced knowledge, skill or idea to other contexts as well as their impact -Is able to report and communicate professionally -Is able to act independently taking into account the operating environment