Information Security Risk Management (5 cr)

Code: 3011369-3006

General information

Enrollment: 01.08.2023 - 30.08.2023
Registration for the implementation has ended.

Timing: 31.08.2023 - 31.12.2023
Implementation has ended.

Number of ECTS credits allocated: 5 cr

Local portion: 5 cr

Mode of delivery: Contact learning

Unit: Engineering and Business

Campus: Kupittaa Campus

Teaching languages: Finnish; English

Seats: 20 - 60

Degree programmes: Degree Programme in Information and Communications Technology; Degree Programme in Information and Communication Technology

Teachers: Pia Satopää

Teacher in charge: Pia Satopää

Groups: PTIETS21dncs
PTIETS21 Data Networks and Cybersecurity; PTIVIS21T
Data Networks and Cybersecurity

Course: 3011369

No reservations found for realization 3011369-3006!

Evaluation scale

H-5

Content scheduling

After completing the course the student can:

- explain basic principles of ISO/IEC27005:2008 -standard based information security risk assessment and risk management
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.

Objective

After completing the course the student can:
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.

Content

- The basic principles of information security risk assessment and risk management
- Information security risk management standard ISO/IEC 27005:2008
- Information security risk assessment methods and best practices
- Practical work

Materials

Material will be published in Itslearning.

Teaching methods

- Lectures, assignments and practical work

Exam schedules

Course has an exam.

Student workload

Lectures
Assignments and practical work