|Year of offer||2019|
|Subject level||Graduate coursework|
|Fees||Subject EFTSL, Level, Discipline & Census Date|
This subject introduces a range of information security consulting services typically provided by leading management consultants in industry. The subject will cover the fundamental principles and practice of security risk assessment, incident response and disaster recovery, knowledge leakage, systems and network security, and policy and culture. Students will develop an appreciation for the kinds of consulting services that can be developed and marketed to industry in each of these areas. Consulting techniques in proposal writing, pricing, and marketing to prospective clients will also be discussed.
This subject supports course-level objectives by allowing students to have in-depth knowledge of the specialist area of information security management. The subject’s assessment tasks include the writing of a comprehensive consulting proposal and research into critical security issues faced by organizations. These tasks will encourage students to work in a team to develop a high-level of achievement in writing, research activities, and presentation skills.
Security principles and techniques discussed are: Models for understanding knowledge leakage, Security Risk Assessment Methods including OCTAVE, Firewall and VPN security scenarios, SANS Incident Response Methodology. Real world cases will be drawn from a range of organization types including critical infrastructure installations in Australia.
Intended learning outcomes
Intended Learning Outcomes (ILOs)
On completion of this subject the student is expected to:
- Identify a range of opportunities for information security consulting in organizations
- Develop and document a competitive business proposal to undertake information security consulting services inside an organization
- Describe a high-level strategy for managing an organization’s information security issues
- Appreciate the critical role of information security in organizations and the controls available for enforcement
On completion of this subject, students should have developed the following generic skills:
- Have in-depth knowledge of a specialist area through exposure and study of information security areas of knowledge
- Reach a high level of achievement in writing, research or project activities problem-solving and communication through the writing of a comprehensive consulting proposal
- Team-work, through working on a group project.
- Report-writing skills
- Presentation skills