Master TR-NQF-HE: Level 7 QF-EHEA: Second Cycle EQF-LLL: Level 7

Course Introduction and Application Information

Course Code Course Name Semester Theoretical Practical Credit ECTS
SEN5604 Information Security Management Spring 3 0 3 8

Basic information

Language of instruction: English
Type of course: Must Course
Course Level:
Mode of Delivery: Face to face
Course Coordinator : Prof. Dr. ADEM KARAHOCA
Course Lecturer(s): Dr. Öğr. Üyesi ORHAN GÖKÇÖL
Recommended Optional Program Components: None
Course Objectives: The aim of this course is to learn how the information can be held securely in businesses and to discuss the information security from managerial perspective. Moreover, the standards and approaches which are used for information security management are will be discussed. The standard of information security management which is ISO27001 is going to be discussed in detail.

Learning Outcomes

The students who have succeeded in this course;
1. Identify the characteristic features (Confidentiality, Integrity and Availability) of Information Security
2. Identify and establish the principles of Information Security Management Business Environments
3. Define the roles and responsibilities related to information security
4. Define and prioritize assets, assets to identify the threats
5. Calculate and manage information security risks
6. Define an Information Security Strategy and Architecture
7. Apply a real project using the ISO27001 standard

Course Content

The content of this course is composed of Basics of IS, Threats, Program structure of IS and development cycle of ISM, Policies of IS, Classification of assets, Access control and physical security, IS Rick Analysis/ Final distribution of projects, IS Risk Management, Business continuity management, ISM frame systems and ISO27001, IS infringed events management, IS Legal Issues/Final project intermediate controls.

Weekly Detailed Course Contents

Week Subject Related Preparation
1) Introduction, general concepts
2) Basics of IS, Threats
3) Program structure of IS and development cycle of ISM
4) Policies of IS
5) Classification of assets
6) Access control and physical security
7) IS Rick Analysis/ Final distribution of projects
8) IS Risk Management
9) Business continuity management
10) ISM frame systems and ISO27001
11) ISO27001
12) IS infringed events management
13) IS Legal Issues/Final project intermediate controls
14) Team project presentations


Course Notes / Textbooks: SO27001 BGYS standardı
Çeşitli online kaynaklar
Online Ders notları
References: Yok

Evaluation System

Semester Requirements Number of Activities Level of Contribution
Quizzes 3 % 15
Homework Assignments 5 % 5
Project 8 % 20
Midterms 2 % 20
Final 1 % 40
Total % 100
Total % 100

ECTS / Workload Table

Activities Number of Activities Duration (Hours) Workload
Course Hours 14 3 42
Application 14 1 14
Special Course Internship (Work Placement) 14 7 98
Midterms 1 23 23
Final 1 23 23
Total Workload 200

Contribution of Learning Outcomes to Programme Outcomes

No Effect 1 Lowest 2 Low 3 Average 4 High 5 Highest
Program Outcomes Level of Contribution
1) Understand and implement advanced concepts of Siber Security
2) Use math, science, and modern engineering tools to formulate and solve advenced siber security problems.
3) Review the literature critically pertaining to his/her research projects, and connect the earlier literature to his/her own results
4) Follow, interpret and analyze scientific researches in the field of engineering and use the knowledge in his/her field of study
5) Work effectively in multi-disciplinary research teams
6) Acquire scientific knowledge
7) Find out new methods to improve his/her knowledge.
8) Effectively express his/her research ideas and findings both orally and in writing
9) Defend research outcomes at seminars and conferences.
10) Prepare master thesis and articles about thesis subject clearly on the basis of published documents, thesis, etc.
11) Demonstrate professional and ethical responsibility.