[ 921NESEISMK21 ] KV Information Security Management

Workload Education level Study areas Responsible person Hours per week Coordinating university
3 ECTS M1 - Master's programme 1. year Computer Science Stefan Rass 2 hpw Johannes Kepler University Linz
Detailed information
Original study plan Master's programme Computer Science 2022W
Objectives Students

  • learn the most important guidelines and standards in the area of information security management
  • learn the basics of the certification
  • have profound basic knowledge for initiating and implementing a continuous information security process
  • can demonstrate solution paths for practical use.
  • Austrian Information Security Handbook, security management process, information security policies, classifications of data and systems, InfoSiG (information security law), InfoSiV (information security regulation), industrial security, SSRS, accreditation.
  • ISO/IEC 27000 family, certification of the ISMS according to ISO/IEC 27001, ISO/IEC 27002, risk management according to ISO/IEC 27005, security measures (ISO/IEC 27004 and related standards), additional standards of the ISO/IEC 27000 family, future developments.
  • Basic IT security according to the BSI (IT-Grundschutz), idea and process, BSI 100-1, 100-2, 100-3, GSTOOL, certification.
  • CobiT, Controls, indicators, maturity level model.
  • Common Criteria, protection profiles and security targets, security functional requirements and security assurance requirements, EALs, discretionary vs. mandatory access control, certifcation.
Criteria for evaluation Written exam
Methods Lecture
Language English
Study material
  • basic literature:
    Bundeskanzleramt, Informationssicherheitsbüro: Österreichisches Informationssicherheitshandbuch. books@ocg Band 226., in der aktuellen Auflage.
  • International Organization for Standardization: ISO/IEC 27001 Information Security Management Systems – Requirements.
  • International Organization for Standardization: ISO/IEC 27005 Information Security Risk Management.
  • BSI 100-1, BSI 100-2, BSI 100-3 + IT-Grundschutzkataloge,
  • ISACA: CobiT 4.1.
  • Common Criteria, Parts 1 – 3.

Additional literature is announced in every semester.

Changing subject? No
Further information
Corresponding lecture 921NESEISMV13: VL Information Security Management (3 ECTS)
On-site course
Maximum number of participants -
Assignment procedure Direct assignment