Subject Descriptions - Subject Information


Calendar: 2017 Postgraduate
Faculty: Faculty of Engineering and Information Sciences
Department: School of Computing and Information Technology



Subject Information
Subject Code MICT937
Subject Name IT Security and Risk Management
Credit Points 6
Pre-Requisites None.
Co-Requisites nil
Restrictions None.
Equivalence ISIT937
Assessment Individual report 10% Presentation 10% Group report 30% Final exam 50%
General Subject Yes.

Subject Description
This subject aims to provide students with a deep understanding of the management overview of information security and a thorough treatment of the administration of information security. Today most modern organisations using information technology to support their operations are exposed to various types of security risks. A sound business strategy that addresses information security issues is essential. This subject emphasises that information security is a management problem, and not one that technology alone can answer. The subject covers key issues in IT security management, including: security options, planning for security, information security policies, security management models, risk management, and security considerations in system development.


Subject Learning Outcomes
On successful completion of this subject, students will be able to:
1. Demonstrate a thorough understanding of current information security issues in modern organisations
2. Analyse the emerging trends in information security management practices.
3. Implement effective information security planning including contingency planning.
4. Evaluate and develop security policies at different levels.
5. Apply the security systems development life cycle to create a comprehensive security posture.
6. Use risk management techniques to identify, prioritise, and control risks in IT projects.

Extra Information
Generic Extra Information: