Information Security Risk ManagementLaajuus (5 cr)

Objective

Information security risk management has become a key issue in today's business environment. There are different kinds of information security risks facing to organizations, e.g. risks relating to the use of outsourcing (i.a. cloud services) or social media services. These risks must be assessed and after that they must be properly managed.After completing this course the studentcan describe the phases of information security risk management processis able to classify information security risks by applying different approachesis able to discuss about and make development suggestions forthe organization's information security risk management practices

Content

Content:the principles of information security risk assessment and risk managementinformation security risk management standard ISO/IEC 27005:2013information security risk management methods and best practices