module specification

CC7175 - IT Security Management (Distance Learning) (2018/19)

Module specification Module approved to run in 2018/19
Module title IT Security Management (Distance Learning)
Module level Masters (07)
Credit rating for module 20
School School of Computing and Digital Media
Total study hours 200
 
48 hours Scheduled learning & teaching activities
56 hours Assessment Preparation / Delivery
96 hours Guided independent study
Assessment components
Type Weighting Qualifying mark Description
Coursework 10%   Initial draft report
Coursework 10%   Extended draft report for feedback
Coursework 10%   A draft version of the report & Oral presentation of the report content (Individual)
Coursework 70%   Final version of the report (up to 3500 words) (Individual)
Running in 2018/19
Period Campus Day Time Module Leader
Spring semester LMET Distance Learning Not applicable -

Module summary

This module focuses on various aspects of IT Security Management and deals mainly with the protection of information assets in a business environment by concerted measures.
Semester: Spring
Prerequisite: none
Assessment: a research-based technical report

This module aims to provide students with an appreciation of the benefits IT Security Management provides within a business environment. This includes the choice and application of appropriate risk assessment and risk management techniques, the understanding of security standards & procedures, coupled with the application of IT security technology & security measures in a business setting.

Prior learning requirements

None.

Syllabus

• Information security overview: assessing why information security is required, for example; identifying information as a company asset; LO1,2,4
• Security risk assessment: an overview of security risk assessment techniques, assessing, selecting and implementing security risk assessment techniques, development of a prioritised list of information security threats; LO3,4,6
• Security risk management: assessing, selecting and implementing controls for particular security threats; LO3,4,6
 
LO1-6
• IT security technologies and security mechanisms;
• IT security audit;
• Legal, Ethical, and Professional Issues;
• Security standards and procedures: reviewing relevant standards and procedures for information security.

Balance of independent study and scheduled teaching activity

The distance learning delivery of the module affords the student the flexibility of studying for the module at their own time in their own style at their own location while receiving effective guidance and support throughout the module. The University’s state-of-art Virtual Learning Environment (VLE) is used to provide a highly interactive, supportive and collaborative learning experience for the students. A wide range of synchronous and asynchronous facilities are used where appropriate for the effective delivery and assessment of the module, as well as active engagement and support for the students. Among these facilities are WebLearn learning materials, video lectures, discussion board and online forum, and online presentation, viva and feedback.  Students are encouraged to become active participants, rather than passive recipients, of this learning process.

To facilitate a flexible yet structured study pattern, the topics in the module syllabus are grouped into four learning units, with each lasting for three weeks. Each learning unit is designed to cover selected topics.

For each learning unit, the following materials are typically provided to students via the VLE (e.g. WebLearn):
• clear description of required learning activities including required reading list and exercises
• lecture slides and/or other supporting materials
• a clear description of the study tasks for the learning unit, submission instruction, submission deadlines, assessment and marking criteria
• exercise questions posted on the discussion forum on the VLE which facilitates discussion among students.

Students are strongly encouraged to:
• Complete required learning activities
• Post questions related to the module to the relevant Forum in discussion board and engage in online discussion with peers and the tutor
• Submit solutions to study tasks and the required assessment by the given deadline in accordance with published procedures
• regularly check mail boxes, notice boards, e-mails for update on the module.
• complete 200 hours of study.

Formative feedback on student work/progress for each learning unit will be provided.

Final assessment for the module is usually scheduled for the end of the semester. Timely summative feedback for the final assessment will be provided.

Students are expected to complete a total of 200 learning hours for this module. This includes:

• 48 hours – guided learning, teaching and related activities (synchronous & asynchronous), including 12 hour online communication with the tutor;
• 152 hours – guided independent study.

Learning outcomes

LO1. appreciate why IT security management is essential in today’s business environment;
LO2. understand  the complexities of security management;
LO3. appreciate the issues related to information security standards and procedures;
LO4. have seen main stream companies attempt to solve their information security problems;
LO5. evaluate critically the suitability of security risk assessment techniques in a particular context;
LO6. evaluate critically the suitability of controls for a particular security threat in a particular context.

Assessment strategy

The distance learning delivery of the module affords the student the flexibility of studying for the module at their own time in their own style at their own location while receiving effective guidance and support throughout the module. The University’s state-of-art Virtual Learning Environment (VLE) is used to provide a highly interactive, supportive and collaborative learning experience for the students. A wide range of synchronous and asynchronous facilities are used where appropriate for the effective delivery and assessment of the module, as well as active engagement and support for the students. Among these facilities are WebLearn learning materials, video lectures, discussion board and online forum, and online presentation, viva and feedback.  Students are encouraged to become active participants, rather than passive recipients, of this learning process.

To facilitate a flexible yet structured study pattern, the topics in the module syllabus are grouped into four learning units, with each lasting for three weeks. Each learning unit is designed to cover selected topics.

For each learning unit, the following materials are typically provided to students via the VLE (e.g. WebLearn):
• clear description of required learning activities including required reading list and exercises
• lecture slides and/or other supporting materials
• a clear description of the study tasks for the learning unit, submission instruction, submission deadlines, assessment and marking criteria
• exercise questions posted on the discussion forum on the VLE which facilitates discussion among students.

Students are strongly encouraged to:
• Complete required learning activities
• Post questions related to the module to the relevant Forum in discussion board and engage in online discussion with peers and the tutor
• Submit solutions to study tasks and the required assessment by the given deadline in accordance with published procedures
• regularly check mail boxes, notice boards, e-mails for update on the module.
• complete 200 hours of study.

Formative feedback on student work/progress for each learning unit will be provided.

Final assessment for the module is usually scheduled for the end of the semester. Timely summative feedback for the final assessment will be provided.

Students are expected to complete a total of 200 learning hours for this module. This includes:

• 48 hours – guided learning, teaching and related activities (synchronous & asynchronous), including 12 hour online communication with the tutor;
• 152 hours – guided independent study.

Bibliography

Textbooks:

Core Text:
• Management of Information Security, 3/E, Michael Whitman, Herbert Mattord, ISBN-13: 9780840031600 / ISBN-10: 0840031602, publish date: March 27, 2011
Other Texts:
• Security Policies and Procedures: Principles and Practices, 1/e Greene, ©2006, Prentice Hall, ISBN-10: 0131866915, ISBN-13: 9780131866911
• Executive Guide to Information Security, The Threats, Challenges, and Solutions, 1/e, Egan & Mather, ©2005, Addison-Wesley, ISBN-10: 0321304519, ISBN-13: 9780321304513
• Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy, 1/e, Patterson & Blue, ©2005, Addison-Wesley, ISBN-10: 0321304527, ISBN-13: 9780321304520
• Enterprise Security: IT Security Solutions: Concepts, Practical, Experiences, Technologies, Walter Fumy (Editor), Jörg Sauerbrey (Editor), ISBN: 978-3-89578-267-1, December 2005, Wiley

Journals: Taylor and Francis Journals, Journal TOCs

Electronic Databases: ACM Digital Library, IEEE Xplore/IET Digital Library