|Name||Information Security Management|
|Verantwortlich||Prof. Dr. Alf Zugenmaier|
|Lehrform||SU mit Übung|
30 Präsenzstunden Vorlesung, 30 Präsenzstunden Praktikum, 45 Stunden Vor-/Nachbereitung des Praktikums, 45 Stunden Nachbereitung der Vorlesung und Prüfungsvorbereitung
Foundations of computer science and basic programming skills
Students who successfully complete this module will be able to:
Information Security Management is the process of establishing and maintaining a secure information environment and can be called an Information Security Management System. This ISMS must address the implementation and maintenance of processes and procedures to manage Information Security. These actions include identification of information security needs, implementation of strategies to meet these needs, the measurement of results, and improving both the rotection strategies and the ISMS over time. Information Security includes all aspects related to defining, achieving and maintaining the five security services of identification & authentication, authorisation, confidentiality, integrity and nonrepudiation as specified by the ISO/IEC 27002 international standard.
The domain of Information Security Management is no longer exclusively of a managerial nature, since technical aspects also need to be considered on management level. Information Security Management can be approached from various perspectives. One way of establishing an ISMS is from a strategic perspective, addressing amongst others corporate governance, policies and pure management issues. Another approach can be from a ‘human’ side, addressing issues such as security culture, awareness, training, ethics and other human related issues such as legal aspects.
|Medien und Methoden||
Veranstaltungsspezifische Website, Moodle, Tafel und Folien (Powerpoint)
ISO/IEC 27043: Incident investigation principles and processes (Will be made available during lectures)
Various state-of-the-art academic papers will be made available during lectures.