Socio-technical Systems Enabled Crime
Study plans 2016-2017 - IMT4128 - 7.5 ECTS

Expected learning outcomes

Knowledge:

• The students shall primarily understand the socio-technical ICT evolution that has taken place over the last thirty years that has led to a widening vulnerability gap between what we can do with ICT and what we can cost effective control with ICT.
•  The students shall be given a broad systems theory perspective connected to practical cases so they will have the insight to implement a roadmap for information security in organizations and businesses.
• The candidate possess insight and understanding  of  technological enable crime
• The candidate possesses good understanding of the socio-technical  risk anlaysis and reflect on the use appropriate security metrics for analysis.

Skills:

• The student can use relevant systems sciences and socio-technical theory in independent research and development in information security organization and management
• The student is capable of performing critical analysis of various literature sources and applying them in structuring and formulating scientific reasoning information security organization and management.
• The student is capable of carrying out an independent limited research or development project in information security and management under supervision, following the applicable ethical rules.

General competence

• The student is capable of analyzing relevant professional and research ethical problems in information security organization and management.
• The student is capable of applying his/her information security knowledge and skills in new fields, in order to accomplish advanced tasks and projects.
• The student is capable of discussing professional problems, analyses and conclusions in the information security organization and management, both with specialists and with general audience.
• The student is capable of contributing to innovation and innovation processes in information security and socio-technical modeling and analysis for information security management.

Topic(s)

• Historical Technology adoption and Information Security Problems and Solutions in Society Organization and for individuals
• Technology enable crime in society and organization
• Socio-technical metrics for cultural, and organizational changes.
• Introduction to Socio-technical Risk, Threat and vulnerability Modeling
• Root Cause Analysis – Society, Organization, Individual .

Teaching Methods

Lectures
Group works
E-learning
Net Support Learning
Mandatory assignments
Project work
Reflection
Meeting(s)/Seminar(s)

Teaching Methods (additional text)

The course will be made accessible for both campus and remote students. Every student is free to choose the pedagogic arrangement form that is best fitted for her/his own requirement. The lectures in the course will be given on campus and are open for both categories of students. All the lectures will also be available on Internet through NTNU’s learning management system.

Form(s) of Assessment

Written exam, 3 hours
Evaluation of Project(s)

Form(s) of Assessment (additional text)

• Project reports (49%)
• Individual written exam (51%).
• Both assessment parts must be passed.

Grading Scale

Alphabetical Scale, A(best) – F (fail)

External/internal examiner

Internal examiner on the project reports, internal and external examiner on the written exam.

Re-sit examination

Ordinary re-sit examination in August for the written exam.

Coursework Requirements

Each group must present their mini case work s/case (approved/not approved)

Teaching Materials

Books/standards, conference/journal papers and web resources.

• Roadmap to Information Security, For IT and Infosec Managers, Michael E Whitman, Hervert J Mattord,, Course Technology 2011.
• Related articles
• Compendium.

Optional

Michael Whitman, Herbert Mattord og Andrew Green: Principles of Incident Response and Disaster Recovery, 2nd Edition. Thomson, 2014.

Replacement course for

IMT4152 Socio-tech Security Risk Modeling and Analysis 1, IMT4402 Socio-tech Modeling of Cybercrime