Information Security Management

Students learn the most important guidelines and standards in the area of information security management as well as the basics of its certification. They have profound basic knowledge for initiating and implementing a continuous information security process and can demonstrate solution paths for practical use.

Course content: 
Austrian Information Security Handbook, security management process, information security policies, classifications of data and systems, InfoSiG (information security law), InfoSiV (information security regulation), industrial security, SSRS, accreditation.
 
ISO/IEC 27000 family, certification of the ISMS according to ISO/IEC 27001, ISO/IEC 27002, risk management according to ISO/IEC 27005, security measures (ISO/IEC 27004 and related standards), additional standards of the ISO/IEC 27000 family, future developments.
Basic IT security according to the BSI (IT-Grundschutz), idea and process, BSI 100-1, 100-2, 100-3, GSTOOL, certification.
CobiT, controls, indicators, maturity level model.
 
Common Criteria, protection profiles and security targets, security functional requirements and security assurance requirements, EALs, discretionary vs. mandatory access control, certification.
Lecturer(s): 
LVA type: 
VO
LVA number: 
353.046
Hours per semester: 
2
ECTS: 
3.00
Location: 
S2 048, HS 17, T 405
Exam: 

Written exam

Dates: 

Fri.  15.01.16  09:15 – 18:00  S2 048
Fri.  22.01.16  09:15 – 18:00  HS 17
Fri.  29.01.16  09:15 – 18:00  T 405