INF 2439 Information- and data safety - RE-SIT EXAMINATION

APPLIES TO ACADEMIC YEAR 2012/2013

INF 2439 Information- and data safety - RE-SIT EXAMINATION

Responsible for the course
Bo H Christensen

Department
Department of Leadership and Organizational Behaviour

Term
According to study plan

ECTS Credits
6

Language of instruction
Norwegian

Introduction

    Objective
    Upon completion of the course, students should be able to contribute in developing IT security strategies and project security solutions, as well as plan the implementation of these. Students are to develop knowledge of relevant security standards. They shall also become aware of the organizational requirements for good security and be able to assess if the organization employs sound security principles.

    Prerequisites
    No absolute prerequisites, but a good understanding of management principles and IT technology is an advantage.

    Compulsory reading
    Books:
    Alberts, Christopher and Audrey Dorofee. 2002. Managing information security risks : the OCTAVE approach. Addison Wesley
    Daler, Torgeir ... [et al.]. 2010. Håndbok i datasikkerhet : informasjonsteknologi og risikostyring. 3. utg. Tapir
    Laudon, Kenneth C., Jane P. Laudon. 2010. Management information systems : managing the digital firm. 11th ed. Upper Saddle River, N.J. : Pearson Education

    Other:
    NOU 2001: 10. Uten penn og blekk. Oslo: Statens forvaltningstjeneste


    Recommended reading
    Books:
    Høie, Tore Audun. 1999. Service : metodikk og ledelse. Oslo : Tano Aschehoug
    Schneier, Bruce. 2004. Secrets and lies : digital security in a networked world. Indianapolis, Ind. : John Wiley

    Other:
    Dugmore, Jenny, red.. 1998. Code of practice for IT service management. DISC PD0005. 2nd ed.. London: BSI. Kan kjøpes fra Norsk Standardiseringsforbund
    Norges standardiseringsforbund. 2001. Informasjonsteknologi: administrasjon av informasjonssikkerhet. NS-ISO/IEC 17799. Norges Standardiseringsforbund. Engelsk tittel: Information Security Management.


    Course outline
    • OCTAVE method
    • Introduction to information security
    • Organizing security work
    • The ISO/IEC 17799-1 standard and its importance
    • Security technology and relevant concepts
    • Operations security
    • Disaster prevention
    • Visit to leading computer centre
    • Security on the Internet
    • How is security dealt with in service agreements?
    • Information security and risk analyses
    • Develpoment of security strategies
    • Security leadership

    Computer-based tools
    The Internet will be used in connection with assignments.

    Course structure
    The course duration is 36 hours of lectures and exercises. A visit to an IT company is planned by the lecturer.


    Examination
    A five-hour individual written exam concludes the course.

    Examination code(s)
    INF24391Information- and data safetyt. Exam accounts for 100% of the grade in INF 2439, 6 ECTS credits.

    Examination support materials
    No support materials allowed.

    Re-sit examination
    Due to changes in our Bachelor Programmes from autumn 2009, there also will be changes in every single course.
    This course was lectured for the last time spring 2011. Re-sit exam will be offered every term even spring 2013.

    Additional information

    Semester

    Oversettelser