• Austrian Information Security Handbook, security management process, information security policies, classifications of data and systems, InfoSiG (information security law), InfoSiV (information security regulation), industrial security, SSRS, accreditation.
• ISO/IEC 27000 family, certification of the ISMS according to ISO/IEC 27001, ISO/IEC 27002, risk management according to ISO/IEC 27005, security measures (ISO/IEC 27004 and related standards), additional standards of the ISO/IEC 27000 family, future developments.
• Basic IT security according to the BSI (IT-Grundschutz), idea and process, BSI 100-1, 100-2, 100-3, GSTOOL, certification.
• CobiT, Controls, indicators, maturity level model.
• Common Criteria, protection profiles and security targets, security functional requirements and security assurance requirements, EALs, discretionary vs. mandatory access control, certifcation.

• basic literature:
  Bundeskanzleramt, Informationssicherheitsbüro: Österreichisches Informationssicherheitshandbuch. books@ocg Band 226. www.a-sit.at, in der aktuellen Auflage.
  
• International Organization for Standardization: ISO/IEC 27001 Information Security Management Systems – Requirements.
  
• International Organization for Standardization: ISO/IEC 27005 Information Security Risk Management.
  
• BSI 100-1, BSI 100-2, BSI 100-3 + IT-Grundschutzkataloge, www.bsi.de.
  
• ISACA: CobiT 4.1.
  
• Common Criteria, Parts 1 – 3. www.commoncriteriaportal.org.

Additional literature is announced in every semester.