Abstract
Cyber security is primarily a management and not a technical problem. Identifying risk and implementing effective policy and practice to secure information is recognised as a management issue. This subject is comprised of a series of topics that investigate cyber security and the implications for the management of Information and … For more content click the Read More button below.
Syllabus
Introduction to the management of cyber securityPlanning for securityCyber security policyDeveloping the security programRisk management: Identifying and assessing riskRisk management: controlling riskSecurity management modelsSecurity management practicesPlanning for contingenciesSecurity maintenanceCyber law and compliance
Learning outcomes
Upon successful completion of this subject, students should:
1.
be able to describe the key concepts associated with management of cyber security;
2.
be able to explore and analyse the principle components of enterprise information security governance and planning;
3.
be able to develop an enterprise information security policy;
4.
be able to propose risk management and risk mitigation strategies; and
5.
be able to discuss the legal and regulatory environment in the context of cyber security.
Assumed knowledge
It is assumed students will have completed ITC292, or content similar
Enrolment restrictions
Available to undergraduate students only.