Faculty of Technical Sciences

Subject: Information Security Management (19.SEM018)

Native organizational units: No data
General information:
 
Category: Theoretical-methodological
Scientific or art field: Applied Computer Science and Informatics
Interdisciplinary: No
ECTS: 6
Educational goal:

Students learn the methods and techniques for modeling and implementing information security within different systems.

Educational outcome:

After successfully completing the course, students are able to apply principles, methods and standards in the field of information security. They are capable of implementing information security management and security risk management, and of establishing information security in organizations.

Course content:

Introduction to information security management: definition, fields of interest, basic concepts, development of information security. Requisites for information security: threats to information security, attacks on information systems, business, professional and ethical reasons for defining information security, legal framework. Information security standards: ISO 27000. Organization of information security: internal organization, external organization, resource management, physical and logical security, security incidents, business continuity. Information security management system: the concept of information security management systems and information security management, the scope of the system, user identification and resources, system design, policies, standards, procedures. Security risk management: fundamentals of risk management, risk identification, risk assessment, risk reduction, risk avoidance, strategies for risk control. Information security implementation: technical and non-technical aspects of implementation, defining security requirements, implementation of information security management, information security analysis, monitoring and maintenance.

Teaching methods:

Lectures. Computer practice. Consultations. The examination is oral. The final grade is formed on the basis of achievement in the laboratory practice classes and oral examination.

Literature:
Authors | Title | Year | Publisher | Language
Gardner, B., Thomas, V. | Building an Information Security Awareness Program | 2014 | Elsevier | English
Snedaker, S., Rima, Ch. | Business Continuity and Disaster Recovery Planning for IT Professionals | 2014 | Elsevier | English
Iannarelli, J., Shaughnessy, M. | Information Governance and Security | 2015 | Elsevier | English
Michael E. Whitman, Herbert J. Mattord | Principles of Information Security, Fourth Edition | 2012 | Course Technology, Cengage Learning | English
Ryan, M., Talabis, M., Jason, M. | Information Security Risk Assessment Toolkit | 2013 | Elsevier | English
Dalziel, H. | Infosec Management Fundamentals | 2015 | Elsevier | English
Evan Wheeler | Security Risk Management: Building an Information Security Risk Management Program from the Ground Up | 2011 | Elsevier | English
Gantz, S. | The Basics of IT Audit | 2014 | Elsevier | English
ISO/IEC 27000 | Information technology — Security techniques — Information security management systems | 2009 | ISO | English
Knowledge evaluation:
Course activity | Pre-examination | Obligations | Number of points
Project defence | Yes | Yes | 50.00
Oral part of the exam | No | Yes | 50.00
Lecturers:

Assistant Mijatov Vanja

Assistant - Master

Computational classes

prof. dr Sladić Goran

Full Professor

Lectures


© 2024. Faculty of Technical Sciences.

Contact:

Address: Trg Dositeja Obradovića 6, 21102 Novi Sad

Phone:  (+381) 21 450 810
(+381) 21 6350 413

Fax: (+381) 21 458 133
Email: ftndean@uns.ac.rs
