IKT624 ISO/IEC 27000 Family of Security Standards
- ECTS Credits: 5
- Responsible department: Faculty of Engineering and Science
- Lecture Semester: Autumn
- Teaching language: English.
- Duration: 1 term
The course is connected to the following study programs
- Information and Communication Technology, PhD Programme
- PhD Programme in Engineering and Science
Teaching language
English.
Course contents
The ISO/IEC 27001 standard defines principles for information security management systems according to best practice in quality improvement. ISO/IEC 27002 is the code of practice for information security management. Other parts of the ISO/IEC 27000 family of standards provide guidelines for implementation, security metrics and information security risk assessment.
The course will cover the following:
- Information security management systems
- Information security management as continuous improvement
- Integration of security in total quality management
- The structure of the ISO/IEC 27001 and 27002 standards
- Controls and best practice
- Measurement and metrics
- Information security risk management
Learning outcomes
After completing the course, the student is expected to have knowledge of the basics of information security management.
Examination requirements
Approved project report.
Teaching methods
Lecture, exercises and project work.
Assessment methods and criteria
Oral examination. Pass/Fail.