Information and Cyber Security Management (10 cr)

Learning outcomes

The student is able to:
- define information and cybersecurity compliance requirements, best practices and apply those
- assess and manage information and cybersecurity risks
- apply administrative, operational, technical and physical procedures*
- plan, assess and develop information and cybersecurity

*The learning outcome has been modified and verb changed. Earlier verb was "create". The change comes into effect on January 1, 2025.

Location and time

Times and dates of teaching are in Pakki.
Study unit begins with online session 15th of January 2021. According to the degree regulations, accepting your place in the study unit requires presence in the first session or an appropriate announcement of your absence.
Some of the contact sessions may be arranged outside of campus.

Materials

Latest at the end of each theme the relevant study materials are presented (themes can be found in Content and scheduling)
The development assignment requires at least the knowledge of professional concepts and background theory.
The exam focuses on knowledge of relevant legislation.
Materials created by teachers (copyright holders) are licensed CC-BY-NC-SA unless otherwise noted.

Teaching methods

The study unit includes a development assignment in groups as well as contact- and online studies.

Communication of study unit will be handled via a MS Teams group created for all participants Private messages to teachers should be handled via email.

For those in risk groups or otherwise absent due to corona-related reasons attendance in contact sessions is made possible online as much as it is possible, taking into account the nature of the teaching. Do not participate in contact teaching when ill!

Employer connections

The study unit uses working life experts.
The development assignment is project-based and based on working life requirements.

Exam schedules

-First contact session, accepting place in study unit and handing out of development assignment: between 15th of January 2021.
-Return of development assignment: 21st May
-Online exam must be completed: 6.5-11.5
-1st exam retake: 20.5-25.5
-2nd exam retake: 10-15.6
(Incomplete or skipped exams count as one attempt, except for force majeure-cases handled separately)

International connections

Study unit is implemented in English using international sources.
Study unit is attended by exchange students.

Completion alternatives

-Recognition of Prior Learning
-Work-based Learning
If you wish to propose either of these, please be in touch as soon as possible after enrolling.

Student workload

Attendance in all contact sessions is recommended.
Students should prepare for following workload:
-Workload total is 10 credits = 270 hours, everything included.
-Implementation lasts 16 weeks. Students should book on average 16-17 hours every week after the study unit begins.
-New subjects and materials are presented every 4-5 weeks, split into themes.
Assessment of hourly workloads:
-Contact sessions 16 hours
-Online studying and independent study online/with distributed materials 92 hours
-Group work on development assignment and guidance 113 hours
-Exam and preparation for it (independent study) 49 hours

Content scheduling

Teaching has been divided into four themes. Every theme has a contact session and online studies. The exam that will be completed at the end of the study unit has questions from every theme.
Themes and notes:
- Theme 1: Information Security Management. As student that has completed the study unit Information Security Management previously is exempted from contact sessions and exam questions on this theme.
- Theme 2: Personnel Security. A student that has completed the study unit Occupational Safety and Personnel Security previously is exempted from contact sessions and exam questions on this theme.
- Theme 3: Cybersecurity Management. A student that has completed the study unit Cybersecurity previously is exempted from contact sessions and exam questions on this theme.
- Theme 4: Physical Security. A student that has completed the study unit Physical Security previously is exempted from contact sessions and exam questions on this theme.
-Return of development assignment: 21st May
-Online exam must be completed: 6.5-11.5
-1st exam retake: 20.5-25.5
-2nd exam retake: 10-15.6

Evaluation scale

H-5

Qualifications

Before enrolling to this study unit, you should have adequate competence of safety, security and risk management, which you can acquire for example by completing study unit HT00BN79/ HT00CC30 Basics of Corporate Safety, Security and Risk Management (10 cr) or TO00BS57 Basic Theory of Corporate Safety, Security and Risk Management (5 cr).

Further information

IMPORTANT! Read carefully! If anything below is unclear, please be in touch with the responsible teacher.

1. Before enrolling to this study unit, you should have adequate competence level of safety, security and risk management, which you can acquire for example by completing study unit Business Continuity Planning 5 cr or Basics of Corporate Security and Risk Management 10 cr. If your expertise is not clear via previous completed studies above, be in touch. This requirement applies to open UAS students as well.

2. Those enrolling are recommended to have completed the study unit Information- and Cybersecurity 5 cr, or have the relevant knowledge. This study unit does not cover the basics of issues.

3. Some studies implemented 2019 and before affect the extent and content of this study unit.
If you have completed one of the study units below, the extent is 5 cr.
If you have completed two or more of the study units below, do not enroll to this study unit at all.
- Fyysinen turvallisuus / Physical Security
- Työ- ja henkilöstöturvallisuus / Occupational Safety and Personnel Security
- Information Security Management
- Cybersecurity
Members of project groups must have the same extent and content, because earlier completions affect the assignment!
Exchange students with previous studies that are above basic- or introductory level and concern Information Security Management, Cybersecurity Management, Personnel Security or Physical Security should be in touch with responsible teacher; your previous knowledge may be taken into account.

4. Quota for open university students of 10 places.