INFORMATION TECHNOLOGIES (ENGLISH, NON-THESIS) | |||||
Master | TR-NQF-HE: Level 7 | QF-EHEA: Second Cycle | EQF-LLL: Level 7 |
Course Code | Course Name | Semester | Theoretical | Practical | Credit | ECTS |
SEN5604 | Information Security Management | Spring | 3 | 0 | 3 | 8 |
Language of instruction: | English |
Type of course: | Must Course |
Course Level: | |
Mode of Delivery: | Face to face |
Course Coordinator : | Prof. Dr. ADEM KARAHOCA |
Course Lecturer(s): |
Assist. Prof. ORHAN GÖKÇÖL Assist. Prof. BETÜL ERDOĞDU ŞAKAR |
Recommended Optional Program Components: | None |
Course Objectives: | The aim of this course is to learn how the information can be held securely in businesses and to discuss the information security from managerial perspective. Moreover, the standards and approaches which are used for information security management are will be discussed. The standard of information security management which is ISO27001 is going to be discussed in detail. |
The students who have succeeded in this course; 1. Identify the characteristic features (Confidentiality, Integrity and Availability) of Information Security 2. Identify and establish the principles of Information Security Management Business Environments 3. Define the roles and responsibilities related to information security 4. Define and prioritize assets, assets to identify the threats 5. Calculate and manage information security risks 6. Define an Information Security Strategy and Architecture 7. Apply a real project using the ISO27001 standard |
The content of this course is composed of Basics of IS, Threats, Program structure of IS and development cycle of ISM, Policies of IS, Classification of assets, Access control and physical security, IS Rick Analysis/ Final distribution of projects, IS Risk Management, Business continuity management, ISM frame systems and ISO27001, IS infringed events management, IS Legal Issues/Final project intermediate controls. |
Week | Subject | Related Preparation |
1) | Introduction, general concepts | |
2) | Basics of IS, Threats | |
3) | Program structure of IS and development cycle of ISM | |
4) | Policies of IS | |
5) | Classification of assets | |
6) | Access control and physical security | |
7) | IS Rick Analysis/ Final distribution of projects | |
8) | IS Risk Management | |
9) | Business continuity management | |
10) | ISM frame systems and ISO27001 | |
11) | ISO27001 | |
12) | IS infringed events management | |
13) | IS Legal Issues/Final project intermediate controls | |
14) | Team project presentations |
Course Notes / Textbooks: | SO27001 BGYS standardı Çeşitli online kaynaklar Online Ders notları |
References: | Yok |
Semester Requirements | Number of Activities | Level of Contribution |
Quizzes | 3 | % 15 |
Homework Assignments | 5 | % 5 |
Project | 8 | % 20 |
Midterms | 2 | % 20 |
Final | 1 | % 40 |
Total | % 100 | |
PERCENTAGE OF SEMESTER WORK | % 40 | |
PERCENTAGE OF FINAL WORK | % 60 | |
Total | % 100 |
Activities | Number of Activities | Duration (Hours) | Workload |
Course Hours | 14 | 3 | 42 |
Application | 14 | 1 | 14 |
Special Course Internship (Work Placement) | 14 | 7 | 98 |
Midterms | 1 | 23 | 23 |
Final | 1 | 23 | 23 |
Total Workload | 200 |
No Effect | 1 Lowest | 2 Low | 3 Average | 4 High | 5 Highest |
Program Outcomes | Level of Contribution | |
1) | Uses basic Software Engineering knowledge and competencies. | 3 |
2) | Applies the software development ability that is necessary for software engineering applications. | 3 |
3) | Uses data structures and applies information about algorithm development. | 2 |
4) | Develops system programs on operating systems. | 2 |
5) | Defines computer organization, design and architectures. | 2 |
6) | Creates the structure of computer networks and network security. | 2 |
7) | Uses business intelligence, data mining and data analysis tools, applies techniques about them. | 3 |
8) | Develops database applications and WEB based programs. | 4 |
9) | Defines, analyzes, designs and manages information technologies projects. | 3 |
10) | Uses and develops technology-based environments and tools in education. | 3 |
11) | Detects, identifies and solves information technology needs of the business environment. | 3 |
12) | Uses the capabilities of information technologies within the rules of professional responsibility and ethics. | 4 |