This unit will provide students with a knowledge of information systems security issues, and their relevance to the management of information systems in contemporary organisations. The students will gain knowledge of the nature of information threats, risks and vulnerabilities and of the control technologies and techniques which can be applied to reduce risk. Students will be expected to demonstrate ethically sound viewpoints with respect to the protection of information resources while maintaining a secure IS framework related to a defence in depth strategy. Further students will have an understanding of the ethical, legal and criminal issues relating to the security of information systems. Additionally students will be required to analyse and assess recent developments and future trends in IS security technologies.
At the completion of this unit students will have
A knowledge and understanding of:
- the importance of information systems security issues to contemporary organisations;
- information security concepts and philosophies;
- threats, vulnerabilities and risks to an organisations information assets and the control technologies and techniques required to support this;
- the mathematical foundation of cryptoanalysis;
- the ethical, legal and criminal issues relating to the security of information systems;
- how to evaluate current and future developments and trends in security control technologies and techniques;
- the relevance of human factors to information security planning and management.
Developed attitudes that enable them to:
- adopt a critical approach to the analysis and design of information systems security systems;
- willingness to apply ethical standards of security issues;
- demonstrate ethically sound viewpoints with respect to the protection of information resources while maintaining a secure IS framework; specifically related to (but not limited to) the goals of security such as confidentiality, integrity, and availability, in the professional development of information systems;
- cooperate within groups and adopt and practise professional ethics that influence work behaviour.
Developed the skills to:
- apply information security concepts in the analysis of information systems security issues;
- apply risk management techniques to the planning and management of information systems security systems;
- apply security analysis and design methods and techniques in the analysis of threats, risk and vulnerabilities to an information system;
- apply the security concept in securing information systems by exploring the security mechanism available in the operating systems environment.
Demonstrated the communication skills necessary to:
- work in teams to complete some of the assessment and thus develop appropriate interpersonal communication and leadership skills.
Examination (3 hours): 60%; In-semester assessment: 40%