CC7175 - IT Security Management (Distance Learning) (2017/18)
|Module specification||Module approved to run in 2017/18|
|Module title||IT Security Management (Distance Learning)|
|Module level||Masters (07)|
|Credit rating for module||20|
|School||School of Computing and Digital Media|
|Total study hours||200|
|Running in 2017/18||
This module focuses on various aspects of IT Security Management and deals mainly with the protection of information assets in a business environment by concerted measures.
This module aims to provide students with an appreciation of the benefits IT Security Management provides within a business environment. This includes the choice and application of appropriate risk assessment and risk management techniques, the understanding of security standards & procedures, coupled with the application of IT security technology & security measures in a business setting.
- Information security overview: assessing why information security is required, for example; identifying information as a company asset;
- Security risk assessment: an overview of security risk assessment techniques, assessing, selecting and implementing security risk assessment techniques, development of a prioritised list of information security threats;
- Security risk management: assessing, selecting and implementing controls for particular security threats;
- IT security technologies and security mechanisms;
- IT security audit;
- Legal, Ethical, and Professional Issues;
- Security standards and procedures: reviewing relevant standards and procedures for information security.
Learning and teaching
The distance learning delivery of the module affords the student the flexibility of studying for the module at their own time in their own style at their own location while receiving effective guidance and support throughout the module. The University’s state-of-art Virtual Learning Environment (VLE) is used to provide a highly interactive, supportive and collaborative learning experience for the students. A wide range of synchronous and asynchronous facilities are used where appropriate for the effective delivery and assessment of the module, as well as active engagement and support for the students. Among these facilities are WebLearn learning materials, video lectures, discussion board and online forum, and online presentation, viva and feedback. Students are encouraged to become active participants, rather than passive recipients, of this learning process.
To facilitate a flexible yet structured study pattern, the topics in the module syllabus are grouped into four learning units, with each lasting for three weeks. Each learning unit is designed to cover selected topics.
For each learning unit, the following materials are typically provided to students via the VLE (e.g. WebLearn):
- clear description of required learning activities including required reading list and exercises
- lecture slides and/or other supporting materials
- a clear description of the study tasks for the learning unit, submission instruction, submission deadlines, assessment and marking criteria
- exercise questions posted on the discussion forum on the VLE which facilitates discussion among students.
Students are strongly encouraged to:
- Complete required learning activities
- Post questions related to the module to the relevant Forum in discussion board and engage in online discussion with peers and the tutor
- Submit solutions to study tasks and the required assessment by the given deadline in accordance with published procedures
- regularly check mail boxes, notice boards, e-mails for update on the module.
- complete 200 hours of study.
Formative feedback on student work/progress for each learning unit will be provided.
Final assessment for the module is usually scheduled for the end of the semester. Timely summative feedback for the final assessment will be provided.
The student should be able to:
LO1. appreciate why IT security management is essential in today’s business environment;
LO2. understand the complexities of security management;
LO3. appreciate the issues related to information security standards and procedures;
LO4. have seen main stream companies attempt to solve their information security problems;
LO5. evaluate critically the suitability of security risk assessment techniques in a particular context;
LO6. evaluate critically the suitability of controls for a particular security threat in a particular context.
The assessment for this module is based on a coursework assignment, which is a research-based technical report and focused on one section of the syllabus for the module. It’s predominantly linked to learning outcomes 1-6. The coursework is submitted and commented/feedbacked in three stages:
Stage 1. In week 6, students submit a draft version report which includes Introduction, Literature review, and their relevant bibliography/references. The feedback on the submission is to be given via the WebLearn.
Stage 2. In week 10, students submit an extended draft version report which includes Introduction, Literature review, and the report main body researching into its in-depth knowledge of the chosen topic, plus their relevant bibliography/references. The feedback on the submission is to be given via the WebLearn.
Stage 3. In week 12 students submit their final version reports and up to 100% marks will be allocated to the final version report.
• Essential Reading
1. Management of Information Security, 3/E, Michael Whitman, Herbert Mattord, ISBN-13: 9780840031600 / ISBN-10: 0840031602, publish date: March 27, 2011
• Supplementary Reading
- Security Policies and Procedures: Principles and Practices, 1/e Greene, ©2006, Prentice Hall, ISBN-10: 0131866915, ISBN-13: 9780131866911
- Executive Guide to Information Security, The Threats, Challenges, and Solutions, 1/e, Egan & Mather, ©2005, Addison-Wesley, ISBN-10: 0321304519, ISBN-13: 9780321304513
- Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy, 1/e, Patterson & Blue, ©2005, Addison-Wesley, ISBN-10: 0321304527, ISBN-13: 9780321304520
- Enterprise Security: IT Security Solutions: Concepts, Practical, Experiences, Technologies, Walter Fumy (Editor), Jörg Sauerbrey (Editor), ISBN: 978-3-89578-267-1, December 2005, Wiley
• Weekly Teaching Materials on the University’s WebLearn Site for This Module.