INFORMATION SECURITY FOR BUSINESS AND GOVERNMENT - 2017/8

Module code: COMM050

Module provider

Computer Science

Module Leader

TREHARNE H Dr (Computer Sci)

Number of Credits

15

ECT Credits

7.5

Framework

FHEQ Level 7

JACs code

I200

Module cap (Maximum number of students)

N/A

Module Availability

Semester 2

Overall student workload

Lecture Hours: 24

Tutorial Hours: 12

Assessment pattern

Assessment type Unit of assessment Weighting
Coursework COURSEWORK 1 40
Coursework COURSEWORK 2 40
Coursework COURSEWORK 3 20

Alternative Assessment

Individual coursework as alternative to coursework 1 (group)

Prerequisites / Co-requisites

None

Module overview

The field of Information security has continued to grow rapidly in the past few years. Cyber-crime and terrorism activities have spurred on many new research fields and activities in information security, particularly for applications in the commerce, government and defence sectors. These have resulted in many innovative developments and solutions to address some of the problems and issues related to security for software and systems. Unfortunately new innovations and technologies have also brought along a new set of security concerns and problems, for example, such as security loopholes and attacks that are frequently associated with common operating systems, databases and networks.
This module will be presented by security experts from government and industry to provide the students with knowledge and their perspective on the latest innovation and technologies, as well as problems and concerns associated with information security. These lectures will cover security issues with business and government IT systems, developer concerns, common practices for information security and risk management, assurance and audit, legislation frameworks for data protection and privacy.

 

Module aims

This module will provide the students with a comprehensive insight into the latest technological solutions, applications, problems and concerns related to information security. It will consist of a series of lectures presented by security experts from government and industry. These lectures will cover various security issues with business and government IT systems, system architecture, developer concerns, information assurance and risk management, and information sharing. By working on group projects students will obtain hands-on knowledge and experience from industrial experts on the latest technologies and applications, problems and concerns related to information security.

Learning outcomes

Attributes Developed
Have a good knowledge of how to architect a real-time web application KCPT
Contrast and evaluate the latest innovations and technologies in information security KC
Recognise the benefits, concerns and problems associated with computer and IT security systems KCT
Describe and design relevant functions within a security platform/system based on topics covered by industrial experts KPT

Attributes Developed

C - Cognitive/analytical

K - Subject knowledge

T - Transferable skills

P - Professional/Practical skills

Module content


Business IT security requirements and developer issues (incl. information security planning processes)
Information security management in business and government organisations (incl. ISO27001 guidelines, incident management and handling ISO27002 guidelines)
Information security risk assessment and management (incl. ISO27005 guidelines)
Information security planning, disaster recovery strategies, backup and logging
Information security assurance and audit practices in business and organisations (incl. ISO 27007 guidelines)
Information security certification frameworks (incl. ISO 15408 Common Criteria)
Data protection and privacy legislation (incl. regulations on the use and disseminations of information security technologies)
Intellectual property and copyright (incl. security and concerns in information sharing)

Methods of Teaching / Learning

The learning and teaching strategy is designed to:


Help students to understand the latest technological solutions, applications, problems and concerns related to information security
Enable students to critically judge and make informed decision about the adoption of security solutions and applications for business and government IT systems


The learning and teaching methods include:


Lectures and example classes involving experts from industry and government (10 weeks at 2h)
10 hours of work on a group project related to a selected security area from the expert lectures. The project documentation will comprise anindividual report (5000 words) on a randomly selected theme from expert lectures with literature survey, in-depth interpretation and analysis, a group poster presentation, a group oral presentation and weekly summaries of lectures.


Students will be expected to distribute the remaining workload on self-study, preparation for lectures and submission of the project documentation.

 

Assessment Strategy

The assessment strategy is designed to provide students with the opportunity to demonstrate that they have achieved the module learning outcomes.

Thus, the summative assessment for this module consists of:



Coursework I (group) focusing on a creation of a poster and its oral presentation for a randomly selected security topic from the given expert lectures. This addresses LO2 and LO3.


Coursework II (individual) focusing on preparation on an individual project report


Coursework III (individual) focusing on preparation of weekly lecture summaries for three selected expert lectures. This addresses LO1 and LO2.

Coursework I (group) will be assessed jointly by the module convenor and the guest lecturers.



Formative assessment and feedback

Feedback indicating the strengths and weaknesses will be given on individual project reports, group poster and oral presentations.

Reading list

Reading list for INFORMATION SECURITY FOR BUSINESS AND GOVERNMENT : http://aspire.surrey.ac.uk/modules/comm050

Programmes this module appears in

Programme Semester Classification Qualifying conditions
Information Security MSc 2 Optional A weighted aggregate mark of 50% is required to pass the module
Information Systems MSc 2 Compulsory A weighted aggregate mark of 50% is required to pass the module
Criminology and Social Research (Cybercrime and Cybersecurity) MSc 2 Core A pass as determined by the relevant criteria is required to pass the module

Please note that the information detailed within this record is accurate at the time of publishing and may be subject to change. This record contains information for the most up to date version of the programme / module for the 2017/8 academic year.