INFORMATION TECHNOLOGIES (TURKISH, NONTHESIS) | |||||
Master | TR-NQF-HE: Level 7 | QF-EHEA: Second Cycle | EQF-LLL: Level 7 |
Course Code | Course Name | Semester | Theoretical | Practical | Credit | ECTS |
YZM5604 | Information Security Management | Fall Spring |
3 | 0 | 3 | 12 |
This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester. |
Language of instruction: | Turkish |
Type of course: | Departmental Elective |
Course Level: | |
Mode of Delivery: | Face to face |
Course Coordinator : | Prof. Dr. MEHMET ALPER TUNGA |
Course Lecturer(s): |
Assist. Prof. ORHAN GÖKÇÖL Assoc. Prof. YÜCEL BATU SALMAN |
Recommended Optional Program Components: | None. |
Course Objectives: | The aim of this course is to learn how the information has a security in business. In this course, it is searched information security from a management view. Moreover, it is declared the standards and approaches of the information security management. The standard of information security managemet which is ISO27001 is going to express detailed. |
The students who have succeeded in this course; 1. Describe the characteristic features of Information Security 2. Apply the principles of Information Security Management Business Environments 3. Define the roles and responsibilities related to information security 4. Identify assets and the threats to assets 5. Calculate and manage information security risks 6. Define an Information Security Strategy and Architecture 7. Apply the ISO27001 standards to a real project |
The content of this course is composed of basics of Information Security (IS), threats, program structure of IS and development cycle of ISM, policies of IS, classification of assets, access control and physical security, IS risk analysis, IS risk management, business continuity management, ISM frame systems and ISO27001, ISO27001, IS infringed events management and IS legal issues. |
Week | Subject | Related Preparation |
1) | Introduction, general concepts | |
2) | Basics of IS, Threats | |
3) | Program structure of IS and development cycle of ISM | |
4) | Policies of IS | |
5) | Classification of assets | |
6) | Access control and physical security | |
7) | IS Rick Analysis/ Final distribution of projects | |
8) | IS Risk Management | |
9) | Business continuity management | |
10) | ISM frame systems and ISO27001 | |
11) | ISO27001 | |
12) | IS infringed events management | |
13) | IS Legal Issues/Final project intermediate controls | |
14) | Team project presentations |
Course Notes / Textbooks: | The standard of ISM systems IS027001 Various online references Online lecture notes |
References: | Yok - None. |
Semester Requirements | Number of Activities | Level of Contribution |
Homework Assignments | 1 | % 5 |
Project | 1 | % 30 |
Midterms | 2 | % 25 |
Final | 1 | % 40 |
Total | % 100 | |
PERCENTAGE OF SEMESTER WORK | % 30 | |
PERCENTAGE OF FINAL WORK | % 70 | |
Total | % 100 |
Activities | Number of Activities | Duration (Hours) | Workload |
Course Hours | 14 | 3 | 42 |
Application | 14 | 3 | 42 |
Study Hours Out of Class | 14 | 5 | 70 |
Midterms | 2 | 15 | 30 |
Final | 1 | 24 | 24 |
Total Workload | 208 |
No Effect | 1 Lowest | 2 Low | 3 Average | 4 High | 5 Highest |
Program Outcomes | Level of Contribution | |
1) | Follows the scientific literature in the field of Information Technology, critically analyzes it, and effectively utilizes it in solving complex IT problems. | |
2) | Designs, plans, implements, and manages original projects related to the field of Information Technology. | |
3) | Conducts independent studies in the field of Information Technology, assumes scientific responsibility, and evaluates the findings with a critical perspective. | |
4) | Presents the outcomes of research and projects effectively in written, oral, and visual forms, in accordance with academic and professional standards. | |
5) | Conducts independent research on specialized topics within the field, develops innovative and original ideas, and translates this knowledge into practice and technology. | |
6) | Effectively applies advanced theoretical knowledge and practical skills specific to the field of Information Technology; analyzes and develops current software, hardware, and system solutions. | |
7) | Acts in accordance with professional, scientific, and ethical principles; takes responsibility by considering the societal, environmental, and ethical impacts of IT applications. |