Information Security Risk Management (5 op)

Arviointiasteikko

H-5

Sisällön jaksotus

After completing the course the student can:

- explain basic principles of ISO/IEC27005:2008 -standard based information security risk assessment and risk management
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.

Tavoitteet

After completing the course the student can:
- explain the basic principles of information security risk assessment and risk management
- list the phases of information security risk management process
- classify information security risks by applying different approaches
- give examples of different information security risk assessment methods
- organize and conduct information security risk assessment to an SME sector enterprise or similar size organization
- analyze the results of information security risk assessment
- give justified improvement proposals to mitigate information security risks.

Sisältö

- The basic principles of information security risk assessment and risk management
- Information security risk management standard ISO/IEC 27005:2008
- Information security risk assessment methods and best practices
- Practical work

Oppimateriaalit

Material will be published in Itslearning.

Opetusmenetelmät

- Lectures, assignments and practical work

Tenttien ajankohdat ja uusintamahdollisuudet

Course has an exam.

Opiskelijan ajankäyttö ja kuormitus

Lectures
Assignments and practical work