Bachelor in Information Security - BIS

Short description

Information security is an interdisciplinary field covering the range from technical knowledge of computers and systems, through the psychology of attempted fraud, forgeries, and to legislation and management. Gjøvik University College has a scientifically strong and international research group in information security and offers bachelor, master, and Ph.D. programmes specialized in information security.

Newly graduated students will be able to understand and practice a whole range of methods to control access to information. These methods are, amongst others, good standards for programming, firewalls as internet security, encrypted information, or just good practice as system administrator. In addition you are expected to be able to apply the correct security measures in different situations, based on analysis of risks and threats. This study programme will provide you with a solid bachelor’s degree in Computer Science, with an emphasis on the technical aspects of the study. Courses in information security parallel with information technology will already from the first term give you an understanding of vulnerability, risks and complexity.

Language: The lectures are mainly held in Norwegian, but some of the courses are held in English (see Student handbook). The courses taught in the fifth semester (autumn term) are offered in English, welcoming incoming international students.

Expected learning outcomes

Graduates from this programme will have a defined learning outcome in computer science with a specialisation in information security. Candidates possess knowledge, skills, and general competence primarily in the technological aspects of information security, but also with an accompanying understanding for the human, administrative, ethical, and legal aspects of the discipline. A solid competence in computer science means that units like programming, algorithms, data structures, databases, operating systems, system development, and network and system administration are included in the study programme. In addition, candidates have general competence that enables them to assume roles as trusted employees and good colleagues.

At the end of the study programme, the students are expected to have acquired the following learning outcomes:


  • The candidate has broad knowledge of central topics, theories, problems, processes, tools, and methods in computer science and information security.
  • The candidate has knowledge of research and development in information security and in computer science in general.
  • The candidate is able to update and extend the candidate's own knowledge in information security, and also in the areas of information systems, information technology, and software development.
  • The candidate is aware of the history and tradition of information systems, as well as their character and position in society.
  • The candidate can explain professional work methods for development of IT systems.


  • The candidate can apply professional knowledge and relevant results from research and development to practical and theoretical cases and based on this make informed choices.
  • The candidate can lead planning of information security in an IT department and can develop policies, routines, and procedures to take care of information security in a company.
  • The candidate can assumes roles in system development, programming, and system administration, and will be able to take over special responsibility for security within these fields.
  • The candidate can reflect over professional practice and can adjust the candidate's practice under supervision.
  • The candidate can find, assess, and refer to information and a body of knowledge and present this to shed light on a case.
  • The candidate commands relevant professional tools, techniques, and modes of expression.
  • The candidate can use tools which support development of IT systems.

General competence

  • The candidate has insight into relevant professional, legal, and ethical problems.
  • The candidate can plan and perform various tasks and projects that comprise long time spans, alone and as participant in a team in compliance with applicable legal and ethical requirements and regulations.
  • The candidate can present relevant topics like theories, problems and solutions in written, oral and other applicable forms of expression.
  • The candidate can exchange arguments and share experience with others that have a background in the same field and by this can contribute to development of good practice.
  • The candidate is aware of innovation and innovation processes.

Technical Prerequisites

A laptop is required.

Table of subjects

Bachelor of Science in Information Security 2013-2016

Coursecode Course name C/E *) ECTS each. semester
  S1(A) S2(S) S3(A) S4(S) S5(A) S6(S)
IMT1121 Introduction to Information Security C 10          
IMT1031 Fundamental Programming C 10          
REA1101 Mathematics for computer science C 10          
IMT1132 Introduction to Information Security Risk Management C   10        
IMT2431 Data Communication and Network Security C   10        
IMT1082 Object-Oriented Programming C   10        
IMT2571 Data Modelling and Database Systems C     10      
IMT2021 Algorithmic Methods C     10      
IMT2521 Network Administration C     10      
IMT2243 Software Engineering C       10    
IMT3521 Introduction to security Planning and Incident Handling C       10    
IMT2282 Operating Systems C       10    
IMT3501 Software Security C         10  
IMT2641 Applied Network Security C         5  
IMT3491 Ethical Hacking and Penetration Testing C         5  
Elective course, 10 ECTS E         10  
IMT3912 Bachelor's thesis C           20
Elective course, 10 ECTS E           10
Sum: 30 30 30 30 30 30
*) C - Compulsory course, E - Elective course


Coursecode Course name C/E *) ECTS each. semester
  S1(A) S2(S)
IMT3551 Digital Forensics E 5  
IMT3281 Application Development E 10  
SMF1042 Basic Economics E 10  
IMT3761 Information Warfare E 5  
IMT3005 Infrastructure as Code E 10  
IMT3681 IT-management E   5
IMT3511 Discrete Mathematics E   10
IMT2291 Web Technology E   10
Sum: 0 0
*) C - Compulsory course, E - Elective course