Expected learning outcomes
The student shall after the course be able to create policies and procedures for contingency plans, as well as lead the planning process. This requires that the student must achieve a thorough understanding of why incident reporting systems are needed, how they work and how to plan and conduct investigations. Furthermore, the student should have a good overview over the most well known organizational problems within incident reporting systems. The student should also be able to plan for and handle large and small disasters. To handle disasters the students also need to know business continuity planning.
1. Introduction and Overview of Contingency Planning
2. Planning for Organizational Readiness: Risk management, limits to risk management, incident reporting systems, business impact analysis
3. Incident Response: Preparation, organization, prevention, detection, notification, reaction, recovery, maintenance, operational problems for CSIRTS and organizational models for CSIRTs
4. Disaster Recovery: Preparation, implementation, operation and maintenance
5. Business Continuity: Preparation, implementation, operations and Maintenance
6. Crisis Management and Human Factors
Form(s) of Assessment
Written exam, 3 hours
Evaluation of Project(s)
Form(s) of Assessment (additional text)
Assessment: An overall evaluation based on a 100 point scale, where project work counts 50 points and final written exam counts 50 points. A minimum of 18 points have to be gained on the final exam. Conversion from 100 point scale to A-F scale according to recommended conversion table. In specific circumstances, emneansvarlig can slightly adjust the limits in the conversion table to enforce compatibility with the qualitative descriptions on the A-F scale.
Alphabetical Scale, A(best) – F (fail)
The lecturer performs the evaulations.
For the final exam: Ordinary re-sit examnination.
Dictionary: English-Norwegian or English-other language
One project (the exam project).
Michael Whitman og Herbert Mattord: Principles of Incident Response and Disaster Recovery. Thomson, 2007.
Additional litterature will be handed out.