Study program / study programs: INFORMATION TECHNOLOGY
Type and level of studies: Applied master’s studies
Subject: Data and Application Security
ECTS credits: 8
Training students to apply methods and techniques for modeling and establishing information security in different systems.
After completing the course, the students are able to apply the principles, methods and standards in the area of information security. They are trained to manage information security, security risks and establish information security in different organizations.
- Introduction to information security: definition (scope), main terms, development of information security.
- The need to define information security: information security threats, attacks on information systems, business, professional and ethical reasons for defining information security, legal framework.
- Standards in information security: reasons for standardization, areas of standardization, ISO 27000 standard series.
- Information security organization: internal organization, external organization, resource management, physical and logistic protection, security incidents, business continuity.
- Information security management system, system scope, identification of users and resources, system design, policies, standards, procedures.
- Security risk management: risk management basics, risk identification, risk assessment, reducing, avoiding and accepting risk, risk control strategies.
- Information security implementation: technical aspects of the implementation, non-technical aspects of the implementation, defining security requirements, information security management system implementation, information security analysis, system definition, monitoring and maintenance.