Enrolment options

ISM-E2003 - Information Security Management, Lecture, 10.1.2025-21.2.2025

Please note! Course description is confirmed for two academic years, which means that in general, e.g. Learning outcomes, assessment methods and key content stays unchanged. However, via course syllabus, it is possible to specify or change the course execution in each realization of the course, such as how the contact sessions are organized, assessment methods weighted or materials used.

LEARNING OUTCOMES

  • Gain a multidisciplinary understanding of information security management and its underlying concepts and terminology
  • Understand the fundamental role of information security in ensuring business continuity and digital resilience
  • Understand the business, societal, and ethical implications of information security decisions
  • Become familiar with current and emerging cybersecurity threats and vulnerabilities
  • Learn about the information security lifecycle and its relevant processes
  • Learn how to identify and address security requirements to maintain continual information security in a given context

Credits: 6

Schedule: 10.01.2025 - 21.02.2025

Teacher in charge (valid for whole curriculum period):

Teacher in charge (applies in this implementation): Hadi Ghanbari

Contact information for the course (applies in this implementation):

Assistant Professor Hadi Ghanbari, hadi.ghanbari@aalto.fi

CEFR level (valid for whole curriculum period):

Language of instruction and studies (applies in this implementation):

Teaching language: English. Languages of study attainment: English

CONTENT, ASSESSMENT AND WORKLOAD

Content

  • valid for whole curriculum period:

    • Information security management and digital business
    • Introduction to information security concepts and objectives
    • Information security lifecycle
    • Information security policies and standards
    • Continual security, digital resilience, and business continuity 
    • Case studies on major information security incidents  

  • applies in this implementation

    This course provides a multi-disciplinary and holistic overview of information security management

    • Information security is approached from technical, social,  organizational, and ethical perspectives 
    • This course follows a blended-learning approach, consisting of video-recorded lectures, class sessions, and various activities
    • The course is designed based on scientific and practical evidence 
    • You are expected to take an active role in your learning process 


Assessment Methods and Criteria

  • valid for whole curriculum period:

    To pass the course, students are expected to complete the following tasks:

    • Self-study: studying the course material and answering a set of online quizzes
    • Individual essay: writing a scientific essay about a given topic
    • Group task: performing a security analysis for a given case
    • Class activities (if you choose to complete the course in-class) OR Final exam (if you choose to complete the course remotely)

  • applies in this implementation

    The evaluation criteria are explained in the introductory slides and essay and group task rubrics.

Workload

  • valid for whole curriculum period:

    The course consists of lectures, independent work (e.g. self-study, writing essays) and teamwork (e.g. hands-on exercises, case studies, group tasks).

    This is a hybrid course meaning that students can complete the course either in-class or remotely. Attendance in the contact sessions is mandatory for those students who choose to complete the course in person but it is not compulsory for those students who choose to complete the course remotely.

  • applies in this implementation

    Check the introductory slides on the front page of the course

DETAILS

Study Material

  • valid for whole curriculum period:

    The course handouts and other learning material (e.g. slides and video lectures) are designed based on scientific publications, publicly available reports, and the following books:

    • Andress (2014).The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress.
    • Mano (2011). Official (ISC)2 Guide to the CSSLP CBK, Second Edition. CRC Press.
    • Raggad (2010). Information security management: concepts and practice. CRC Press.

  • applies in this implementation

    Check the introductory slides on the front page of the course

Substitutes for Courses
Prerequisites
SDG: Sustainable Development Goals

    9 Industry, Innovation and Infrastructure

    11 Sustainable Cities and Communities

FURTHER INFORMATION

Further Information

  • valid for whole curriculum period:

    Teaching Language: English

    Teaching Period: 2024-2025 Spring III
    2025-2026 Spring III

    Registration:

    Student registration will be confirmed only after completing the pre-course assignment which is available on MyCourses. Priority is give to 1) MSc students in ISM 2) BIZ exchange students 3) other students

  • applies in this implementation

    Check the introductory slides on the front page of the course

Details on the schedule

  • applies in this implementation

    The schedule is shown on the front page.

Rules of Conduct - Students´ Rights and Responsibilities (in force from 1 August 2020)

Aalto University Code of Academic Integrity and Handling Violations Thereof

Guests cannot access this workspace. Please log in.