SEN5604 Information Security ManagementBahçeşehir UniversityDegree Programs INFORMATION TECHNOLOGIES (ENGLISH, THESIS)General Information For StudentsDiploma SupplementErasmus Policy StatementNational QualificationsBologna Commission
INFORMATION TECHNOLOGIES (ENGLISH, THESIS)
Master TR-NQF-HE: Level 7 QF-EHEA: Second Cycle EQF-LLL: Level 7

Course Introduction and Application Information

Course Code Course Name Semester Theoretical Practical Credit ECTS
SEN5604 Information Security Management Spring 3 0 3 8
This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester.

Basic information

Language of instruction: English
Type of course: Departmental Elective
Course Level:
Mode of Delivery: Face to face
Course Coordinator : Prof. Dr. ADEM KARAHOCA
Course Lecturer(s): Dr. Öğr. Üyesi ORHAN GÖKÇÖL
Dr. Öğr. Üyesi BETÜL ERDOĞDU ŞAKAR
Recommended Optional Program Components: None
Course Objectives: The aim of this course is to learn how the information can be held securely in businesses and to discuss the information security from managerial perspective. Moreover, the standards and approaches which are used for information security management are will be discussed. The standard of information security management which is ISO27001 is going to be discussed in detail.

Learning Outcomes

The students who have succeeded in this course;
1. Identify the characteristic features (Confidentiality, Integrity and Availability) of Information Security
2. Identify and establish the principles of Information Security Management Business Environments
3. Define the roles and responsibilities related to information security
4. Define and prioritize assets, assets to identify the threats
5. Calculate and manage information security risks
6. Define an Information Security Strategy and Architecture
7. Apply a real project using the ISO27001 standard

Course Content

The content of this course is composed of Basics of IS, Threats, Program structure of IS and development cycle of ISM, Policies of IS, Classification of assets, Access control and physical security, IS Rick Analysis/ Final distribution of projects, IS Risk Management, Business continuity management, ISM frame systems and ISO27001, IS infringed events management, IS Legal Issues/Final project intermediate controls.

Weekly Detailed Course Contents

Week Subject Related Preparation
1) Introduction, general concepts
2) Basics of IS, Threats
3) Program structure of IS and development cycle of ISM
4) Policies of IS
5) Classification of assets
6) Access control and physical security
7) IS Rick Analysis/ Final distribution of projects
8) IS Risk Management
9) Business continuity management
10) ISM frame systems and ISO27001
11) ISO27001
12) IS infringed events management
13) IS Legal Issues/Final project intermediate controls
14) Team project presentations

Sources

Course Notes / Textbooks: SO27001 BGYS standardı
Çeşitli online kaynaklar
Online Ders notları
References: Yok

Evaluation System

Semester Requirements Number of Activities Level of Contribution
Quizzes 3 % 15
Homework Assignments 5 % 5
Project 8 % 20
Midterms 2 % 20
Final 1 % 40
Total % 100
PERCENTAGE OF SEMESTER WORK % 40
PERCENTAGE OF FINAL WORK % 60
Total % 100

ECTS / Workload Table

Activities Number of Activities Duration (Hours) Workload
Course Hours 14 3 42
Application 14 1 14
Special Course Internship (Work Placement) 14 7 98
Midterms 1 23 23
Final 1 23 23
Total Workload 200

Contribution of Learning Outcomes to Programme Outcomes

No Effect 1 Lowest 2 Low 3 Average 4 High 5 Highest
           
Program Outcomes Level of Contribution
1) Uses basic Software Engineering knowledge and competencies 3
2) Applies the software development ability that is necessary for software engineering applications. 3
3) Uses data structures and applies information about algorithm development. 2
4) Develops system programs on operating systems. 2
5) Defines computer organization, design and architectures. 2
6) Creates the structure of computer networks and network security. 2
7) Uses business intelligence, data mining and data analysis tools, applies techniques about them. 3
8) Develops database applications and WEB based programs. 4
9) Defines, analyzes, designs and manages information technologies projects. 3
10) Uses and develops technology-based environments and tools in education. 3
11) Detects, identifies and solves information technology needs of the business environment. 3
12) Uses the capabilities of information technologies within the rules of professional responsibility and ethics. 4