Principles of Security

Module summary

Module code: COMP1634
Level: 5
Credits: 15
School: Liberal Arts and Sciences
Department: Computing and Mathematical Sci.
Module Coordinator(s): Irfan Chishti

Specification

Aims

In order to be able to operate as an information systems security practitioner, students must understand security threats and how to manage the risk that they may pose to an information system. The aim of the course is to provide students with knowledge of methods for managing security technologies to a recognised international standard e.g the 10 domains of the world-wide CISSP (Certified Information System Security Professional). The real world approach will be provided with the help of articles and scenarios to aid the students.

Learning outcomes

On successful completion of this module a student will be able to:
1 Understand information systems threats, vulnerabilities and risks
2 Understand the management of creating/maintaining a security policy
3 Appraise methods of deployment of security controls/methods/technologies
4 Determine courses of action to solve problems in real-world security scenarios
5 Understand security acts and standards and codes of conduct

Indicative content

Issues, threats and their impact on a business environment
Risk Management: Identification and analysis techniques as well as control strategies. Business Continuity: Contingency planning and disaster recovery planning.
Compliance with standards/the law/regulatory framework such as Information Security Policy: ISO27001 all sections, Computer Misuse legislation (UK, USA).
Professional and ethical codes of conduct: ACM, BCS, etc.