Syllabus for Information Systems B: Information and IT Security

Informationssystem B: Informations- och IT-säkerhet

Syllabus

  • 7.5 credits
  • Course code: 2IS052
  • Education cycle: First cycle
  • Main field(s) of study and in-depth level: Information Systems G1F

    Explanation of codes

    The code indicates the education cycle and in-depth level of the course in relation to other courses within the same main field of study according to the requirements for general degrees:

    First cycle

    • G1N: has only upper-secondary level entry requirements
    • G1F: has less than 60 credits in first-cycle course/s as entry requirements
    • G1E: contains specially designed degree project for Higher Education Diploma
    • G2F: has at least 60 credits in first-cycle course/s as entry requirements
    • G2E: has at least 60 credits in first-cycle course/s as entry requirements, contains degree project for Bachelor of Arts/Bachelor of Science
    • GXX: in-depth level of the course cannot be classified

    Second cycle

    • A1N: has only first-cycle course/s as entry requirements
    • A1F: has second-cycle course/s as entry requirements
    • A1E: contains degree project for Master of Arts/Master of Science (60 credits)
    • A2E: contains degree project for Master of Arts/Master of Science (120 credits)
    • AXX: in-depth level of the course cannot be classified

  • Grading system: Fail (U), Pass (G), Pass with distinction (VG)
  • Established: 2016-10-24
  • Established by:
  • Revised: 2020-06-04
  • Revised by: The Department Board
  • Applies from: Spring 2021
  • Entry requirements: 15 credits in information systems or the equivalent
  • Responsible department: Department of Informatics and Media

Learning outcomes

In terms of knowledge and understanding, after completed course the student should be able to:

  • describe possible threats to information security in an organisation,
  • explain information security fundamentals and describe the basic requirements for an information security management system and its security measures;
  • describe regulations and standards in the area,
  • describe the fundamentals of how information assets, such as data and IT systems, as well as people, can be protected in an organisation.

In terms of skills and abilities, after completed course the student should be able to:

  • classify information assets according to confidentiality, accuracy and availability,
  • carry out risk analyses,
  • identify elementary security issues in programs and systems,
  • propose measures to protect information assets based upon information classification and risk analyses carried out,
  • apply principles of secure programming through a small study in a given area.

In terms of judgement and approach, after completed course the student should be able to:

  • analyse and evaluate current threats to organisations, and evaluate their impact on individuals as well as organisations and society,
  • discuss how the development and use of IT affects people, organisations, and society.

Content

The course gives the student an introduction to the field of information security. The course begins by addressing potential threats and actors that may pose risks to an organisations operations. The student is introduced to what an Information Security Management System (ISMS) is, as well as how it is used to secure the organisation's information assets. The student learns about the basic elements of an ISMS, such as education and awareness, continuity planning and incident management, risk analysis and risk management, as well as technical safeguards such as crypto techniques, secure programming and design, certificate management and system security measures. Regulations and standards regarding information security, which can impose external demands on an organisation, are also dealt with, as are ethical aspects and the impact on society at large.

Instruction

Lectures, laborations and seminars.

Assessment

Exam, assignments, seminars.

If there are special reasons for doing so, an examiner may make an exception from the method of assessment indicated and allow a student to be assessed by another method. An example of special reasons might be a certificate regarding special pedagogical support from the University's disability coordinator or a decision by the department's working group for study matters.

Reading list

Reading list

Applies from: Spring 2021

Some titles may be available electronically through the University library.

  • Oscarson, Per Informationssäkerhet

    Upplaga 1: Lund: Studentlitteratur, [2019]

    Find in the library

    Mandatory