Information Security Risk Management (5 cr)
Code: 3011369-3003
General information
- Enrollment
-
02.12.2020 - 22.01.2021
Registration for the implementation has ended.
- Timing
-
04.01.2021 - 23.04.2021
Implementation has ended.
- Number of ECTS credits allocated
- 5 cr
- Local portion
- 5 cr
- Mode of delivery
- Contact learning
- Unit
- Engineering and Business
- Campus
- Kupittaa Campus
- Teaching languages
- Finnish
- Teachers
- Jani Ekqvist
- Mika Koivunen
- Course
- 3011369
Evaluation scale
H-5
Objective
After completing the course the student can:
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.
Content
- The basic principles of information security risk assessment and risk management
- Information security risk management standard ISO/IEC 27005:2008
- Information security risk assessment methods and best practices
- Practical work