|Year of offer||Not available in 2019|
|Subject level||Graduate coursework|
|Fees||Subject EFTSL, Level, Discipline & Census Date|
This subject introduces a range of information security management services implemented in industry. The subject will cover the fundamental principles and practice of security risk assessment, incident response and disaster recovery, knowledge leakage, systems and network security, and policy and culture. Students will develop an appreciation for the kinds of security practices that exist in industry in each of these areas.
This subject supports course-level objectives by allowing students to have in-depth knowledge of the specialist area of information security management. The subject’s assessment tasks include the writing of a comprehensive consulting proposal and research into critical security issues faced by organizations. These tasks will encourage students to work in a team to develop a high-level of achievement in writing, research activities, and presentation skills.
Security principles and techniques discussed are: Models for understanding knowledge leakage, Security Risk Assessment Methods, Firewall and virtual private network (VPN) security scenarios, and Incident Response Methodology. Real world cases will be drawn from a range of organization types including critical infrastructure installations in Australia.
Intended learning outcomes
INTENDED LEARNING OUTCOMES (ILOs)
On completion of this subject the student is expected to:
- Have developed a sound knowledge and understanding of the practice of Business Information Systems Security in Organisations
- Have developed and applied skills in critical thinking and systems analysis to identify, evaluate and/or communicate strategic and operational issues suited to the application of Information Systems Security concepts and theories to real-world practice
- Have developed and applied skills related to business communication suited to the application of Information Systems Security concepts and theories to real-world practice
- Can demonstrate an understanding of professional codes of conduct and ethical standards as they apply to Information Systems Security in practice
Independently research and argue disparate beliefs/theories of information systems security
On completion of this subject, students should have developed the following generic skills:
- Have in-depth knowledge of a specialist area through exposure and study of information security areas of knowledge
- Reach a high level of achievement in writing, research or project activities problem-solving and communication through the writing of a comprehensive consulting proposal
- Report-writing skills
- Presentation skills