Seminar, 5.00 ECTS
The course will cover management systems for secure IT operations. Information Security Management Systems (ISMS) and Business Continuity Management Systems (BCM) are the core topics. Students are given an insight into the conception, introduction, operation and ongoing improvement of the systems. Topics such as risk assessments and risk management as well as compliance requirements and the preparation of companies for an ISO 27001 certification round off the topic.
Graduates gain knowledge of risk management for IT systems as it depends on the processes and compliance rules of companies.
Recommended or required reading and other learning resources / tools
Douglas J. Landoll (2016): Information Security Policies, Procedures, and Standards: A Practitioner's Reference
M. Brenner (2017): Praxisbuch ISO/IEC 27001: Management der Informationssicherheit und Vorbereitung auf die Zertifizierung. Zur Norm ISO/IEC 27001:2015
M. Agrawal (2014): Information Security and IT Risk Management
S. Snedaker (2013): Business Continuity and Disaster Recovery Planning for IT Professionals, Second Edition
Mode of delivery
Prerequisites and co-requisites
modules ISY and SSC
Assessment methods and criteria
tutorial: continuous assessment