|Look up fees
This subject introduces a range of information security consulting services typically provided by leading management consultants in industry. The subject will cover the fundamental principles and practice of security risk assessment, incident response and disaster recovery, knowledge leakage, systems and network security, and policy and culture. Students will develop an appreciation for the kinds of consulting services that can be developed and marketed to industry in each of these areas. Consulting techniques in proposal writing, pricing, and marketing to prospective clients will also be discussed.
This subject supports course-level objectives by allowing students to have in-depth knowledge of the specialist area of information security management. The subject’s assessment tasks include the writing of a comprehensive consulting proposal and research into critical security issues faced by organisations. These tasks will encourage students to work in a team to develop a high-level of achievement in writing, research activities, and presentation skills.
Students who have a weighted average mark of at least 75% in the Master of Information Systems have the option to complete the on-line Advanced Elective ISYS90090 Cyber Security Management instead of ISYS90070 Information Security Consulting.
Security principles and techniques discussed are: Models for understanding knowledge leakage, Security Risk Assessment Methods including OCTAVE, Firewall and VPN security scenarios, SANS Incident Response Methodology. Real world cases will be drawn from a range of organisation types including critical infrastructure installations in Australia.
Intended learning outcomes
On completion of this subject, students should be able to:
- Identify a range of opportunities for information security consulting in organisations
- Develop and document a competitive business proposal to undertake information security consulting services inside an organisation
- Describe a high-level strategy for managing an organisations information security issues
- Appreciate the critical role of information security in organisations and the controls available for enforcement
On completion of this subject, students should have developed the following generic skills:
- Have in-depth knowledge of a specialist area through exposure and study of information security areas of knowledge
- Reach a high level of achievement in writing, research or project activities problem-solving and communication through the writing of a comprehensive consulting proposal
- Team-work, through working on a group project
- Report-writing skills
- Presentation skills
Last updated: 30 January 2024