Module Title:   ISO27000 Framework (Information Security Management System)

Module Credit:   20

Module Code:   CM-1075D

Academic Year:   2015/6

Teaching Period:   Semester 2

Module Occurrence:   A

Module Level:   FHEQ Level 7

Module Type:   Standard module

Provider:   Computer Science

Related Department/Subject Area:   School of Electrical Engineering & Computer Science

Principal Co-ordinator:   Dr A. J. Cullen

Additional Tutor(s):   Dr D. R. W. Holton

Prerequisite(s):   None

Corequisite(s):   None

Aims:
To develop a comprehensive understanding of an Information Security Management System (ISMS) based on ISO27001 compliance.

Learning Teaching & Assessment Strategy:
Formal input provided by lectures and workshops .(LO1, LO2, LO3a) Case studies used, where appropriate, to illustrate issues raised by the implementation of an ISMS within a business environment. Assessment by an individual report and practical exercise takes account of issues relevant to the ISO27001 framework, the business environment and the theoretical material discussed in class and tests all learning outcomes. Supplementary assessment will repair deficiencies.

Lectures:   24.00          Directed Study:   152.00           
Seminars/Tutorials:   24.00          Other:   0.00           
Laboratory/Practical:   0.00          Formal Exams:   0.00          Total:   200.00

On successful completion of this module you will be able to...

demonstrate an advanced and systematic understanding of leading the implementation of an ISMS and the business implications of compliance with ISO standards.

On successful completion of this module you will be able to...

deal with the complex issues involved in effectively implementing an ISMS for ISO27001 compliance.

On successful completion of this module you will be able to...

(a) further advance your skills of research, problem-solving and communication. (b) Be a self-directed, independent learner who shows initiative and personal responsibility.

  Coursework   100%
 
  Practical ISO27000 Exercise (develop and document an ISMS). Equivalent to 4000 words.

Supplementary Assessment:
As Original

Outline Syllabus:
How to implement a compliance framework for ISO27001; fundamental principles of information security; Information security control best practice based on ISO27002 (including reference to ISO22301); planning and implementing ISMS; performance evaluation, monitoring and measurement of an ISMS; continual improvement of an ISMS; preparation for an ISMS audit.

Version No:  2