IMT4661 - Security Management Dynamics
Expected learning outcomes
Already the BS7799/ISO17799 standards encouraged viewing security as quality improvement. Some years later and after the extensions to the ISO27000 family, security as a continuous improvement process is not yet a mainstream activity.
The emphasis of this course is on identifying the systemic obstacles in the implementation path of continuous improvement of processes (“the quality improvement paradox”). Then, to apply this insights to redesign security management to achieve continuous improvement.
The quality improvement paradox
Security and quality improvement processes
Improving the Performance of Computer Security Incident Response Teams (CSIRTs)
Incident reporting systems and Learning from incidents
Security risks in the transition to Integrated Operations
Security-dependent safety. Continuous improvement of security in Critical Infrastructure
Teaching Methods (additional text)
Web-enabled course with forum
Form(s) of Assessment
Multiple Choice Test(s)
Evaluation of Project(s)
Form(s) of Assessment (additional text)
- Two multiple choice exams counting each 15%
- Two individual projects (papers) counting each 35%
- Each part must be individually approved of
Alphabetical Scale, A(best) – F (fail)
Evaluated by the lecturer
The whole subject must be repeated
The course requires active participation in projects – both in class and outside class.
Hands-on modelling exercises during class are best carried out in computer lab.
Students are encouraged to bring laptops to the classroom.
Written material will be given/sent to the students during the semester.