Information and Cyber Security Management and Leadership (5 cr)

Evaluation scale

H-5

Content scheduling

TOPICS
• Fundamentals of Information and Cyber Security Management
• Risk Management as a Part of Leadership
• Supply Chain and Contract Management
• Information and Cyber Security Management and Governance System (ISMS)
• Leadership Situational Awareness
• Training as a Component of Management and Governance

LEARNING OBJECTIVES
Students will be able to:
• Comprehend the basics of information and cyber security management
• Recognize management's responsibility for information and cyber security
• Identify the significance of information and cyber security for organizational business operations
• Evaluate the organization's competency level in information and cyber security and design and implement training programs
• Understand processes, management tools, and personnel and supply chain-related aspects of information and cyber security management
• Effectively assess risks in the cyber operational environment
• Appreciate the importance of situational awareness in crisis management
• Comprehend the content and significance of an Information and Cyber Security Management and Governance System (ISMS) for the organization
• Design and implement an ISMS and tailor it to the organization's specific needs
• Understand the importance of supply chain and contract management for the organization's information and cyber security
• Plan business preparedness and understand its alignment with the organization's strategy and business processes
• Recognize the importance of crisis management plans, crisis communication, and leadership training

SUMMARY
This course provides students with a comprehensive understanding of information and cyber security management and leadership, covering topics such as risk management, preparedness, continuity management, recovery, supply chain and contract management, and the implementation of an Information and Cyber Security Management and Governance System (ISMS). Students will also understand the importance of situational awareness in crisis management and will be equipped to plan and implement effective strategies. By the end of the course, students will have the skills to design and implement an ISMS, evaluate risks, develop preparedness plans, and comprehend the significance of these practices in maintaining a secure organizational environment.

Objective

Students will be able to:
• Comprehend the basics of information and cyber security management
• Recognize management's responsibility for information and cyber security
• Identify the significance of information and cyber security for organizational business operations
• Evaluate the organization's competency level in information and cyber security and design and implement training programs
• Understand processes, management tools, and personnel and supply chain-related aspects of information and cyber security management
• Effectively assess risks in the cyber operational environment
• Appreciate the importance of situational awareness in crisis management
• Comprehend the content and significance of an Information and Cyber Security Management and Governance System (ISMS) for the organization
• Design and implement an ISMS and tailor it to the organization's specific needs
• Understand the importance of supply chain and contract management for the organization's information and cyber security
• Plan business preparedness and understand its alignment with the organization's strategy and business processes
• Recognize the importance of crisis management plans, crisis communication, and leadership training

SUMMARY
This course provides students with a comprehensive understanding of information and cyber security management and leadership, covering topics such as risk management, preparedness, continuity management, recovery, supply chain, and contract management, and the implementation of an Information and Cyber Security Management and Governance System (ISMS). Students will also understand the importance of situational awareness in crisis management and will be equipped to plan and implement effective strategies. By the end of the course, students will have the skills to design and implement an ISMS, evaluate risks, develop preparedness plans, and comprehend the significance of these practices in maintaining a secure organizational environment.

Content

• Fundamentals of Information and Cyber Security Management
• Risk Management as a Part of Leadership
• Preparedness, Continuity Management, and Recovery
• Supply Chain and Contract Management
• Information and Cyber Security Management and Governance System (ISMS)
• Leadership Situational Awareness
• Training as a Component of Management and Governance

Materials

The learning environment used is the It’s Learning platform provided by Turku University of Applied Sciences. All course materials and remote assignments are distributed through the platform. Any peer assessments will also be conducted within the system

Teaching methods

Luennot ja lähipäivät
Kirjalliset etätehtävät
Itsenäinen ja ryhmätyöskentely

International connections

The pedagogical model and practices are based on problem-based learning, collaborative learning, and cooperation with the working life. Assigning remote tasks to the students' own employer organization benefits both the employer and the student. Peer learning during in-person sessions, through sharing experiences and discussions, is an essential part of the content of the on-site days. The course may also feature guest lecturers, providing students with the opportunity to ask questions to industry experts and deepen their own learning.

Student workload

Between the on-site sessions, students work independently on the given remote assignments related to the course topics. As a rule, all remote assignments are to be submitted.

Further information

The It’s Learning platform used by Turku University of Applied Sciences serves as the communication channel for the course.