|
Detailed information |
Original study plan |
Master's programme Computer Science 2021W |
Objectives |
Students
- learn the most important guidelines and standards in the area of information security management
- learn the basics of the certification
- have profound basic knowledge for initiating and implementing a continuous information security process
- can demonstrate solution paths for practical use.
|
Subject |
- Austrian Information Security Handbook, security management process, information security policies, classifications of data and systems, InfoSiG (information security law), InfoSiV (information security regulation), industrial security, SSRS, accreditation.
- ISO/IEC 27000 family, certification of the ISMS according to ISO/IEC 27001, ISO/IEC 27002, risk management according to ISO/IEC 27005, security measures (ISO/IEC 27004 and related standards), additional standards of the ISO/IEC 27000 family, future developments.
- Basic IT security according to the BSI (IT-Grundschutz), idea and process, BSI 100-1, 100-2, 100-3, GSTOOL, certification.
- CobiT, Controls, indicators, maturity level model.
- Common Criteria, protection profiles and security targets, security functional requirements and security assurance requirements, EALs, discretionary vs. mandatory access control, certifcation.
|
Criteria for evaluation |
Written exam
|
Methods |
Lecture
|
Language |
English |
Study material |
- basic literature:
Bundeskanzleramt, Informationssicherheitsbüro: Österreichisches Informationssicherheitshandbuch. books@ocg Band 226. www.a-sit.at, in der aktuellen Auflage.
- International Organization for Standardization: ISO/IEC 27001 Information Security Management Systems – Requirements.
- International Organization for Standardization: ISO/IEC 27005 Information Security Risk Management.
- BSI 100-1, BSI 100-2, BSI 100-3 + IT-Grundschutzkataloge, www.bsi.de.
- ISACA: CobiT 4.1.
- Common Criteria, Parts 1 – 3. www.commoncriteriaportal.org.
Additional literature is announced in every semester.
|
Changing subject? |
No |
Further information |
https://www.jku.at/en/institute-of-networks-and-security/
|
Corresponding lecture |
921NESEISMV13: VL Information Security Management (3 ECTS)
|
|