Information Security Management (5 op)
Toteutuksen tunnus: R0319-3004
Toteutuksen perustiedot
Ilmoittautumisaika
18.05.2020 - 24.05.2020
Ajoitus
24.08.2020 - 17.11.2020
Opintopistemäärä
5 op
Virtuaaliosuus
5 op
Toteutustapa
Etäopetus
Yksikkö
Laurea Yhteinen
Toimipiste
Laurea Leppävaara
Opetuskielet
- Englanti
Paikat
20 - 40
Koulutus
- Laurea täydentävä osaaminen, amk-tutkinto (TON2), Tietojenkäsittely ja tietoliikenne (ICT)
Opettaja
- Paresh Rathod
- Pasi Kämppi
Vastuuopettaja
Paresh Rathod
Ryhmät
-
CCN220SYComplementary competence (bachelor’s studies), S20, Information and Communication Technologies (ICT)
-
TON220SYLaurea täydentävä osaaminen (amk-tutkinto), S20, Tietojenkäsittely ja tietoliikenne (ICT)
Osaamistavoitteet
The student is able to
- evaluate the significance of different roles and the information security organization for the implementation of information security
- evaluate information risks directed at organizations systematically and apply risk management practices
- design an information security management system for an organization
- identify the essential elements of the auditing process and evaluate the possibilities of auditing to develop information security in an organization
- apply standards in the development of information security in an organization
- draw contingency plans for information systems
Toteutustapa
- This study unit is fully online learning with the possibilities of volunteer tutoring meetings with the teachers.
- The tutoring meetings are not compulsory. Any student can participate tutoring meeting if they need any help from teachers.
- Virtual studies, weekly basis virtual learning and assignments
- The study unit does not have scheduled virtual lectures (Zoom or equivalent)
- NOTE: Student should finish compulsory ICT-studies before enrolling to complementary studies
- NOTE: Safety, Security and Risk Management students should take the study unit TO007BN Information and Cybersecurity Management after R0186 Information and Cybersecurity
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
- Learning material is based on Certified Information Security Manager (CISM) certification training material
- The study unit provides preparatory training for CISM but not certification exam
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Study unit content:
Module-0: Induction and Study Plan
Module-1: Info Sec Governance Part 1
Module-2: Info Sec Governance Part 2
Module-3: Information Risk Management-1
Module-4: Information Risk Management-2
Module-5: Info Sec Program Dev Part 1
Module-6: Info Sec Program Dev Part 2
Module-7: Info Sec Incident Man Part 1
Module-8: Info Sec Incident Man Part 2
Aika ja paikka
- Not dependent on place or time (virtual studies)
Oppimateriaali ja suositeltava kirjallisuus
- Learning material is based on Certified Information Security Manager (CISM) certification training material
- The study unit provides preparatory training for CISM but not certification exam
Työelämäyhteistyö ja/tai TKI
- Possibility to participate volunteer campus and online lectures offered by specialists and partners
- Possibility to participate Nixu Security Operations Center visit
Toteutuksen tärkeät päivämäärät
- Study unit starts on week 35 (preliminary plan)
- Study unit ends on week 45 (preliminary plan)
- Detailed schedule is released at the beginning of the study unit
- NOTE: There can be scheduling changes
Kansainvälisyys toteutuksella
Teachers and students group are international (Finnish and English degree programme students). Study is suitable for exchange students.
Opiskelijan ajankäyttö ja kuormitus
- 5 cr / 137,5 hours
- Study unit will last 11 weeks
Sisältö ja sen jaksotus
Module-0: Induction and Study Plan
Module-1: Info Sec Governance Part 1
Module-2: Info Sec Governance Part 2
Module-3: Information Risk Management-1
Module-4: Information Risk Management-2
Module-5: Info Sec Program Dev Part 1
Module-6: Info Sec Program Dev Part 2
Module-7: Info Sec Incident Man Part 1
Module-8: Info Sec Incident Man Part 2
Lisätietoja opiskelijoille
- Study unit is suitable for any graduate level student. Considering following points:
o Student must know: how company/organization works
o Students knows the basics of ICT-technologies
o Student is able to study with weekly based schedule
- Any student who is willing to learn the overview of information security technologies, we recommend to participate following study unit: Introduction to Information Security
- The study unit is prioritized for TIKO and BIT students
- Safety, Security and Risk Management students should take the study unit TO007BN Information and Cybersecurity Management
- Inactive students are removed from the study unit after orientation period (the first week of the study unit)
Arviointiasteikko
H-5
Arviointimenetelmät ja arvioinnin perusteet
- Weekly study, assignment and tasks
- Students collect the points for different learning activities
- Online Tests
- Weekly studies
- Learning assignments and tasks
Arviointikriteerit, tyydyttävä (1-2)
– use professional concepts in a consistent manner and demonstrate his/her familiarity with the knowledge basis
– report and communicate in a professional manner
– act independently taking into account the operating environment
– describe the significance of his/her actions for successful co-operation
– describe his/her competence in relation to the learning outcomes
Arviointikriteerit, hyvä (3-4)
– critically evaluate information and justify their actions with science-based knowledge
– propose creative solutions at work
- describe the development of his/her competence in relation to the learning outcomes
Arviointikriteerit, kiitettävä (5)
– analyse the acquired information, draw conclusions and combine theoretical knowledge with experiential knowledge
– evaluate the applicability of produced knowledge, skill or idea to other contexts as well as their impact
– evaluate the possibilities for utilising competence and plan his/her personal development