Authorised by Academic Registrar, April 1996
Objectives At the completion of this subject students should know a range of information system security methods, techniques and issues; understand current issues in information system security; be able to apply information security methods, techniques and management to the development and management of information system security within an organisation; appreciate how to act ethically in the development and management of information system security.
Synopsis This subject will provide students with a knowledge of security issues in information systems, and will enable them to plan, develop and manage secure information systems. The subject has importance in an era in which security breaches are so evident. Review of information security components, principles, problems. Types of threats, including hackers, viruses, natural disasters, fraud, vandalism. Study of major, real-life, disastrous security breaches. Analysis of breaches, threats and risks. Study of security philosophies, methodologies, models, techniques and controls, including risk analysis, access matrices, passwords, smart cards, and auditing. Security for different applications. Ethical and legal issues. Computer crime. Security management. Information security in the future.
Assessment Examination (2 hours): 50% + Practical work: 50%