Security Privacy and Risk Management Case Study
Study plans 2016-2017
- 7.5 ECTS
IMT4129 Risk Management for Information Security, IMT4127 Security Management Metrics, IMT4128 Socio-technical Systems Enabled Crime
Expected learning outcomes
- The candidate possess though knowledge of ethical and legal aspect information security management and privacy management
- The candidate possesses through understanding of the risk management processes for both security and privacy issues with both larger and small orgnaizations.
- The candidate possesses through understanding of security planning and incident management process
- The candidate possess a broad understanding of how different security and methodologies and practices are used in approaching different information security problems and solutions.
- The candidate possess the insight and awareness of relevant practical and scientific sources in relations to information security problems and solutions.
- The student can analysi read and even write
- security warnings and common vulnerability events bullentins that are used following industrial best practices today.
- The student can perform a security , privacy and risk analysis of an organization security both from second had and first and infrormation
- The student has the capability to interview appropriate stakeholders in a organization questions to extract information about a security incident outlined in a security scenario.
- The students has the capability to analysis and write information security policy guidelines and rules .
- The student is capable of analyzing relevant professional and research ethical problems in information security organization and management.
- The student is capable of leading the discussions of a group of security and non security professoinals in a meeting or workshop.
- The student is capable of leading and contributing to both organization and technological innovation processes.
- Review on how to work with cases base information
- How to lead a root cause analysis and a after action review.
- Current PSIRT and CERT systems.
- Internal reporting of information Security and Privacy Incidents
- External Reporing of information Security and Privacy Incidents
Net Support Learning
Teaching Methods (additional text)
The course will be made accessible for both campus and remote students. Every student is free to choose the pedagogic arrangement form that is best fitted for her/his own requirement. The lectures in the course will be given on campus and are open for both categories of students. All the lectures will also be available on Internet through GUC’s learning management system (ClassFronter).
Form(s) of Assessment
Form(s) of Assessment (additional text)
- Group Project reports (49%)
- Individual, written reflection on the group project work (51%).
- All parts must be passed to pass the course.
Alphabetical Scale, A(best) – F (fail)
Evaluated by external and internal examiner.
Yes, in accordance with the course responsible.
Each group must present their mini case work s/case (approved/not approved).
Books/standards, conference/journal papers and web resources.
Replacement course for
Partly (50%) of IMT4841 Security Planning and Incident Management