Teaching Responsibility
LJMU Schools involved in Delivery:
Computer Science and Mathematics
Learning Methods
Lecture
Practical
Tutorial
Module Offerings
5119COMP-JAN-CTY
Aims
To provide a detailed understanding of the main concepts of Information Assurance.
To develop an appreciation of the process of information security management, including risk analysis, control analysis and post-event security.
To develop an awareness of the standards relating to information assurance within enterprise environments, including legal and compliance issues.
Module Content
Outline Syllabus:Concepts in Information Assurance; threats, vulnerabilities, attacks, models for discussing security, situational awareness, economic and business constraints, technology controls, human factors, ethics, ‘cyber’.
Risk Assessment; understanding risk factors, methods for risk assessment, standards including USA NIST and UK CESG.
Information Security Management: governance and compliance, ‘Quality’ and the need for audit, standards including PCI-DSS and ISO 27001.
Law: cyber-crime and related laws including CMA, DPA, RIPA. Related issues around ‘conflicts’ of privacy and free-speech.
Post-event Security: attacks, incident response, disaster recovery, forensics and involvement of law enforcement.
Module Overview:
To provide a detailed understanding of the main concepts of Information Assurance. To develop an appreciation of the process of information security management, including risk analysis, control analysis and post-event security. To develop an awareness of the standards relating to information assurance within enterprise environments, including legal and compliance issues. The term Information Assurance generally refers to the wide range of activities that information security practitioners engage in, although typically excludes the actual development of solutions through software development. In this module the focus is on the analysis, management and information governance aspects of being an IA practitioner.
To provide a detailed understanding of the main concepts of Information Assurance. To develop an appreciation of the process of information security management, including risk analysis, control analysis and post-event security. To develop an awareness of the standards relating to information assurance within enterprise environments, including legal and compliance issues. The term Information Assurance generally refers to the wide range of activities that information security practitioners engage in, although typically excludes the actual development of solutions through software development. In this module the focus is on the analysis, management and information governance aspects of being an IA practitioner.
Additional Information:The term Information Assurance generally refers to the wide range of activities that information security practitioners engage in, although typically excludes the actual development of solutions through software development. In this module the focus is on the analysis, management and information governance aspects of being an IA practitioner.
Assessments
Centralised Exam
Centralised Exam