BAHÇEŞEHİR UNIVERSITY BİLGİ PAKETİ / DERS KATALOĞU
YZM5604 Information Security Management
Bahçeşehir University
Degree Programs
INFORMATION TECHNOLOGIES (TURKISH, NONTHESIS)
General Information For Students
Diploma SupplementErasmus Policy Statement
Bologna CommissionNational Qualifications
INFORMATION TECHNOLOGIES (TURKISH, NONTHESIS)
Master TR-NQF-HE: Level 7 QF-EHEA: Second Cycle EQF-LLL: Level 7

Course Introduction and Application Information

Course Code Course Name Semester Theoretical Practical Credit ECTS
YZM5604 Information Security Management Fall
Spring
 3 0 3 12
This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester.

Basic information

Language of instruction: Turkish
Type of course: Departmental Elective
Course Level:
Mode of Delivery: Face to face
Course Coordinator : Prof. Dr. MEHMET ALPER TUNGA
Course Lecturer(s): Assist. Prof. ORHAN GÖKÇÖL
Assoc. Prof. YÜCEL BATU SALMAN
Recommended Optional Program Components: None.
Course Objectives: The aim of this course is to learn how the information has a security in business. In this course, it is searched information security from a management view. Moreover, it is declared the standards and approaches of the information security management. The standard of information security managemet which is ISO27001 is going to express detailed.

Learning Outcomes

The students who have succeeded in this course;
1. Describe the characteristic features of Information Security
2. Apply the principles of Information Security Management Business Environments
3. Define the roles and responsibilities related to information security
4. Identify assets and the threats to assets
5. Calculate and manage information security risks
6. Define an Information Security Strategy and Architecture
7. Apply the ISO27001 standards to a real project

Course Content

The content of this course is composed of basics of Information Security (IS), threats, program structure of IS and development cycle of ISM, policies of IS, classification of assets, access control and physical security, IS risk analysis, IS risk management, business continuity management, ISM frame systems and ISO27001, ISO27001, IS infringed events management and IS legal issues.

Weekly Detailed Course Contents

Week Subject Related Preparation
1) Introduction, general concepts
2) Basics of IS, Threats
3) Program structure of IS and development cycle of ISM
4) Policies of IS
5) Classification of assets
6) Access control and physical security
7) IS Rick Analysis/ Final distribution of projects
8) IS Risk Management
9) Business continuity management
10) ISM frame systems and ISO27001
11) ISO27001
12) IS infringed events management
13) IS Legal Issues/Final project intermediate controls
14) Team project presentations

Sources

Course Notes / Textbooks: The standard of ISM systems IS027001
Various online references
Online lecture notes
References: Yok - None.

Evaluation System

Semester Requirements Number of Activities Level of Contribution
Homework Assignments 1 % 5
Project 1 % 30
Midterms 2 % 25
Final 1 % 40
Total % 100
PERCENTAGE OF SEMESTER WORK % 30
PERCENTAGE OF FINAL WORK % 70
Total % 100

ECTS / Workload Table

Activities Number of Activities Duration (Hours) Workload
Course Hours 14 3 42
Application 14 3 42
Study Hours Out of Class 14 5 70
Midterms 2 15 30
Final 1 24 24
Total Workload 208

Contribution of Learning Outcomes to Programme Outcomes

No Effect 1 Lowest 2 Low 3 Average 4 High 5 Highest
           
Program Outcomes Level of Contribution
1) Follows the scientific literature in the field of Information Technology, critically analyzes it, and effectively utilizes it in solving complex IT problems.
2) Designs, plans, implements, and manages original projects related to the field of Information Technology.
3) Conducts independent studies in the field of Information Technology, assumes scientific responsibility, and evaluates the findings with a critical perspective.
4) Presents the outcomes of research and projects effectively in written, oral, and visual forms, in accordance with academic and professional standards.
5) Conducts independent research on specialized topics within the field, develops innovative and original ideas, and translates this knowledge into practice and technology.
6) Effectively applies advanced theoretical knowledge and practical skills specific to the field of Information Technology; analyzes and develops current software, hardware, and system solutions.
7) Acts in accordance with professional, scientific, and ethical principles; takes responsibility by considering the societal, environmental, and ethical impacts of IT applications.