IFN541 Information Security Management




Unit Outline: Semester 1 2024, Gardens Point, Internal

Unit code: IFN541
Credit points: 12
Pre-requisite: IFN503 or (IFN551 and IFN553) or (IFQ551 and IFQ553) or Admission to IN15 or IQ15 or IN16 or IQ16 or IN17
Equivalent: IFQ541
Assumed Knowledge:

Master of Information Technology students admitted prior to 2020 can apply for requisite waiver

Anti-requisite: IFN511
Coordinators: Tony Rhodes | a.rhodes@qut.edu.au
Leonie Simpson | lr.simpson@qut.edu.au
Disclaimer - Offer of some units is subject to viability, and information in these Unit Outlines is subject to change prior to commencement of the teaching period.

Overview

This unit builds upon the fundamental information security concepts introduced in IFN553 by exploring the challenges and solutions for information security management in organisations. This is important contextual knowledge that can be built upon through later, more specialised units. In this unit, you will learn how careful planning, implementation and improvement of information security controls in the areas of people, process and technology can be an enabling force to help organisations achieve their business goals.

Effective information security risk management is a crucial component of organisational risk management. Information security is a digital life skill. This unit provides relevant, real-world examples of information security vulnerabilities, threats, attacks and the controls to manage them that all information technology professionals should understand to protect themselves and the organisations they work for, and to advance their careers.

Learning Outcomes

On successful completion of this unit you will be able to:

  1. Discuss the impact of people, process and technology on information security, both for individuals and organisations including ethical and privacy considerations.
  2. Apply appropriate information security management frameworks for the organisational context.
  3. Conduct an information security risk assessment for an organisation.
  4. Prioritise identified risks for treatment using appropriate tools.
  5. Recommend and justify appropriate risk treatment options.
  6. Collaborate in a team environment to communicate in writing security recommendations to both technical and non-technical audiences.

Content

Aspects of the management of information systems which affect organisational information security, including identity and access management, controls management, information security risk management, incident response and disaster recovery.

Learning Approaches

The content of the unit is delivered through weekly lectures and tutorial sessions, and through the QUT Canvas site. During the weekly sessions theory on various topics in information security will be presented and examples and case studies showing the application of this theory in the real world will be included. These sessions will focus on promoting your understanding of the presented material.

Tutorial questions related to the presented material will be provided; your answers to these questions will direct your focus and aid your preparation for unit assessment items. Responses to the questions will be discussed in the tutorial sessions.

Your participation in the learning activities provides opportunities for you to self-assess and to obtain feedback from unit staff and your peers, further developing your interpersonal and oral communication skills.

Feedback on Learning and Assessment

You can obtain feedback on your progress in this unit via the following mechanisms:

  • Self-assess your responses to presented material during the weekly tutorial discussions
  • Ask the teaching staff for advice and assistance during tutorial sessions, or by email
  • Review your assessment items when the marked items are returned, noting application of the rubric and the marker comments
  • Have a private consultation with teaching staff to discuss your progress (email the unit coordinator to arrange an appointment).

Taking note of the marker’s feedback on the problem-solving tasks will enable you to review the concepts covered to ensure that you understand the material prior to the final examination.

Assessment

Overview

The summative assessment items in this unit will allow you to demonstrate your ability to reason critically about security risks and their mitigations, and present findings in a professional manner (the written report), confirm your understanding of specific issues relating to information security in organisations (the quizzes), and show the knowledge you have acquired about information security theory and its relevance in practice (the exam).

Unit Grading Scheme

7-point scale

Assessment Tasks

Assessment: Problem-Solving Task

Individual multiple choice quiz

This is an assignment for the purposes of an extension.

Weight: 20
Length: 1 hour
Individual/Group: Individual
Due (indicative): Mid-semester
Related Unit learning outcomes: 1, 2

Assessment: Report

Written analytical report

This is an assignment for the purposes of an extension.

Weight: 40
Individual/Group: Group
Due (indicative): End of semester
Related Unit learning outcomes: 1, 3, 4, 5, 6

Assessment: Final Exam

Timed on-line assessment where students demonstrate knowledge acquired about information security theory and its relevance in practice.

Weight: 40
Individual/Group: Individual
Due (indicative): Central Examination Period
Central exam duration: 3:10 - Including 10 minute perusal
The primary emphasis for the final exam is a series of short answer questions centered on a case study. These questions, covering the semester content, aim to have the students apply their knowledge and understanding of information security management.
Related Unit learning outcomes: 1, 2, 3

Academic Integrity

Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.

Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.

You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.

Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.

Resources

No particular text is required.

Risk Assessment Statement

No out of the ordinary risks are associated with this unit.