Teaching Responsibility

LJMU Schools involved in Delivery:

Computer Science and Mathematics

Learning Methods

Lecture
Practical
Tutorial

Module Offerings

5119COMP-JAN-CTY

Aims

To provide a detailed understanding of the main concepts of Information Assurance. To develop an appreciation of the process of information security management, including risk analysis, control analysis and post-event security. To develop an awareness of the standards relating to information assurance within enterprise environments, including legal and compliance issues.

Module Content

Outline Syllabus:Concepts in Information Assurance; threats, vulnerabilities, attacks, models for discussing security, situational awareness, economic and business constraints, technology controls, human factors, ethics, ‘cyber’. Risk Assessment; understanding risk factors, methods for risk assessment, standards including USA NIST and UK CESG. Information Security Management: governance and compliance, ‘Quality’ and the need for audit, standards including PCI-DSS and ISO 27001. Law: cyber-crime and related laws including CMA, DPA, RIPA. Related issues around ‘conflicts’ of privacy and free-speech. Post-event Security: attacks, incident response, disaster recovery, forensics and involvement of law enforcement.
Module Overview:
To provide a detailed understanding of the main concepts of Information Assurance. To develop an appreciation of the process of information security management, including risk analysis, control analysis and post-event security. To develop an awareness of the standards relating to information assurance within enterprise environments, including legal and compliance issues. The term Information Assurance generally refers to the wide range of activities that information security practitioners engage in, although typically excludes the actual development of solutions through software development. In this module the focus is on the analysis, management and information governance aspects of being an IA practitioner.
Additional Information:The term Information Assurance generally refers to the wide range of activities that information security practitioners engage in, although typically excludes the actual development of solutions through software development. In this module the focus is on the analysis, management and information governance aspects of being an IA practitioner.

Assessments

Centralised Exam
Centralised Exam