|Faculty or Section :||Faculty of Business, Education, Law and Arts|
|School or Department :||School of Business|
|Student contribution band :||Band 2|
|Grading basis :||Graded|
|Version produced :||26 September 2022|
Information Communications and Technology professionals need to develop a good breadth of knowledge and skills required for the secure management of information technology and communications assets for organisations. Students must have a good working knowledge of the role of information security in providing an appropriate level of confidentiality, integrity and availability for ICT Assets while considering the legal, privacy and ethical implications. Students need to develop the knowledge and skills using a range of security technologies and tools to identify potential threats and vulnerabilities that may exist in business systems and networks and manage security architecture and design and the associated risks and legal, privacy and ethical issues that may rise. This course provides students with an intermediate knowledge of the key principles necessary for managing the security of an organisation's ICT assets including information, information systems and networks.
Students study contemporary information security theory and practice in the context of threats, attacks and vulnerabilities that may exist in relation to organisation's information, communications and technology assets and the controls that can be put in place to ensure that the risks are managed at an acceptable level. Students will develop their skills and knowledge so that they can evaluate information security situations. They will be able to identify specific threats, attacks, vulnerabilities and manage security architecture and design and legal, privacy or ethical issues that may arise. They will be able to clearly communicate and provide advice and guidance to business managers and operational employees to manage the risks identified. Students will be assessed on their understanding of key concepts of information security and their ability to apply and communicate effectively contemporary information security theory and practice to real world problems.