
[ 921NESEISMK21 ] KV (*)Information Security Management

(*) Unfortunately, this information is not available in German.
Workload: 3 ECTS
Education level: M1 - Master's programme 1st year
Study area: Computer Science
Responsible person: Stefan Rass
Semester hours: 2 SSt
Offering university: Johannes Kepler Universität Linz
Detailed information
Source curriculum: Master's programme Computer Science 2022W
Objectives (*): Students

  • learn the most important guidelines and standards in the area of information security management
  • learn the basics of the certification
  • have profound basic knowledge for initiating and implementing a continuous information security process
  • can demonstrate solution paths for practical use.
Course content (*)
  • Austrian Information Security Handbook, security management process, information security policies, classifications of data and systems, InfoSiG (information security law), InfoSiV (information security regulation), industrial security, SSRS, accreditation.
  • ISO/IEC 27000 family, certification of the ISMS according to ISO/IEC 27001, ISO/IEC 27002, risk management according to ISO/IEC 27005, security measures (ISO/IEC 27004 and related standards), additional standards of the ISO/IEC 27000 family, future developments.
  • Basic IT security according to the BSI (IT-Grundschutz), idea and process, BSI 100-1, 100-2, 100-3, GSTOOL, certification.
  • CobiT, controls, indicators, maturity level model.
  • Common Criteria, protection profiles and security targets, security functional requirements and security assurance requirements, EALs, discretionary vs. mandatory access control, certification.
Assessment criteria (*): Written exam
Teaching methods (*): Lecture
Language of instruction: English
Literature (*)
  • Basic literature:
    Bundeskanzleramt, Informationssicherheitsbüro: Österreichisches Informationssicherheitshandbuch. books@ocg Volume 226. www.a-sit.at, current edition.
  • International Organization for Standardization: ISO/IEC 27001 Information Security Management Systems – Requirements.
  • International Organization for Standardization: ISO/IEC 27005 Information Security Risk Management.
  • BSI 100-1, BSI 100-2, BSI 100-3 + IT-Grundschutzkataloge, www.bsi.de.
  • ISACA: CobiT 4.1.
  • Common Criteria, Parts 1 – 3. www.commoncriteriaportal.org.

Additional literature is announced each semester.

Course content changes? No
Other information (*): https://www.jku.at/en/institute-of-networks-and-security/
Equivalent courses (*): 921NESEISMV13: VL Information Security Management (3 ECTS)
On-site course
Group size limit: -
Allocation procedure: Direct allocation