IFQ541 Information Security Management
To view more information for this unit, select Unit Outline from the list below. Please note the teaching period for which the Unit Outline is relevant.
Unit code: | IFQ541 |
---|---|
Prerequisite(s): | IFN503 or (IFN551 and IFN553) or (IFQ551 and IFQ553) or Admission to IQ16 or IQ15 or IN15 or IN16 |
Equivalent(s): | IFN541 |
Credit points: | 12 |
Timetable | Details in HiQ, if available |
Availabilities |
|
CSP student contribution | $1,118 |
Domestic tuition unit fee | $3,528 |
Unit Outline: Session 1 2024, QUT Online, Online
Unit code: | IFQ541 |
---|---|
Credit points: | 12 |
Pre-requisite: | IN20 students admitted prior to 2020 can apply for requisite waiver or IFN503 or (IFN551 and IFN553) or (IFQ551 and IFQ553) or Admission to IN15 or IQ15 or IN16 or IQ16 |
Equivalent: | IFN541 |
Overview
This unit builds upon the fundamental information security concepts introduced in IFN553. In this unit you will consider aspects of the management of information systems which affect organizational information security; including identity management, authentication, access control, monitoring, risk management, incident response and disaster recovery.
Information is an important organisational asset. Information systems store, process and exchange information, and most sectors of the economy are dependent on electronic and often automated systems. Interconnectivity is important for many organizations, but this also increases the exposure to adverse events. Appropriate information security management protects information assets from unauthorized access, use or modification and provides frameworks to deal with the impacts associated with unauthorized disclosure, destruction or modification.
This unit is intended to equip IT professionals (such as database manager...
Learning Outcomes
On successful completion of this unit you will be able to:
- Discuss the impact of people, process and technology on information security, both for individuals and organisations including ethical and privacy considerations
- Apply appropriate information security management frameworks for the organisational context.
- Conduct an information security risk assessment for an organisation.
- Prioritise identified risks for treatment using appropriate tools.
- Recommend and justify appropriate risk treatment options.
- Collaborate in a team environment to communicate in writing security recommendations to both technical and non-technical audiences
Content
Aspects of the management of information systems which affect organizational information security; including identity management, authentication, access control, monitoring, risk management, incident response and disaster recovery.
Learning Approaches
The content of the unit is delivered through weekly lectures and tutorial sessions, and through the QUT Canvas site. During the weekly sessions theory on various topics in information security will be presented and examples and case studies showing the application of this theory in the real world will be included. These sessions will focus on promoting your understanding of the presented material.
Tutorial questions related to the presented material will be provided; your answers to these questions will direct your focus and aid your preparation for unit assessment items. Responses to the questions will be discussed in the tutorial sessions.
Your participation in the learning activities provides opportunities for you to self-assess and to obtain feedback from unit staff and your peers, further developing your interpersonal and oral communication skills.
Feedback on Learning and Assessment
You can obtain feedback on your progress in this unit via the following mechanisms:
- Self-assess your responses to presented material during the weekly tutorial discussions
- Ask the teaching staff for advice and assistance during tutorial sessions, or by email
- Review your assessment items when the marked items are returned, noting application of the rubric and the marker comments
- Have a private consultation with teaching staff to discuss your progress (email the unit coordinator to arrange an appointment).
Taking note of the marker’s feedback on the problem solving tasks will enable you to review the concepts covered to ensure that you understand the material prior to the final examination.
Assessment
Overview
The summative assessment items in this unit will allow you to demonstrate your ability to reason critically about security risks and their mitigations, and present findings in a professional manner (the written report), confirm your understanding of specific technical issues relating to information security in organisations (the quizzes), and show the knowledge you have acquired about information security theory and its relevance in practice (the exam).
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Problem Solving Quiz
Individual multiple choice quiz
This is an assignment for the purposes of an extension.
Assessment: Report
Written analytical report.
This is an assignment for the purposes of an extension.
Assessment: Final Exam
Final written examination
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
No particular text is required.
Risk Assessment Statement
No out of the ordinary risks are associated with this unit.
Unit Outline: Session 3 2024, QUT Online, Online
Unit code: | IFQ541 |
---|---|
Credit points: | 12 |
Pre-requisite: | IN20 students admitted prior to 2020 can apply for requisite waiver or IFN503 or (IFN551 and IFN553) or (IFQ551 and IFQ553) or Admission to IN15 or IQ15 or IN16 or IQ16 |
Equivalent: | IFN541 |
Overview
This unit builds upon the fundamental information security concepts introduced in IFQ553 Introduction to Security and Networking. In this unit, you will learn how careful planning, implementation and improvement of information security controls in the areas of people, process and technology can be an enabling force to help organisations achieve their business goals.
Effective information security risk management is a crucial component of organisational risk management. Information security is a digital life skill. This unit provides relevant, real-world examples of information security vulnerabilities, threats, attacks and the controls to manage them, that all information technology professionals should understand to protect themselves, the organisations they work for, and to advance their careers.
Learning Outcomes
On successful completion of this unit you will be able to:
- Discuss the impact of people, process and technology on information security, both for individuals and organisations including ethical and privacy considerations
- Apply appropriate information security management frameworks for the organisational context.
- Conduct an information security risk assessment for an organisation.
- Prioritise identified risks for treatment using appropriate tools.
- Recommend and justify appropriate risk treatment options.
- Collaborate in a team environment to communicate in writing security recommendations to both technical and non-technical audiences
Content
Aspects of the management of information systems which affect organizational information security; including identity management, authentication, access control, monitoring, risk management, incident response and disaster recovery.
Learning Approaches
The content of the unit is delivered through weekly lectures and tutorial sessions, and through the QUT Canvas site. During the weekly sessions theory on various topics in information security will be presented and examples and case studies showing the application of this theory in the real world will be included. These sessions will focus on promoting your understanding of the presented material.
Tutorial questions related to the presented material will be provided; your answers to these questions will direct your focus and aid your preparation for unit assessment items. Responses to the questions will be discussed in the tutorial sessions.
Your participation in the learning activities provides opportunities for you to self-assess and to obtain feedback from unit staff and your peers, further developing your interpersonal and oral communication skills.
Feedback on Learning and Assessment
You can obtain feedback on your progress in this unit via the following mechanisms:
- Self-assess your responses to presented material during the weekly tutorial discussions
- Ask the teaching staff for advice and assistance during tutorial sessions, or by email
- Review your assessment items when the marked items are returned, noting application of the rubric and the marker comments
- Have a private consultation with teaching staff to discuss your progress (email the unit coordinator to arrange an appointment).
Taking note of the marker’s feedback on the problem solving tasks will enable you to review the concepts covered to ensure that you understand the material prior to the final examination.
Assessment
Overview
The summative assessment items in this unit will allow you to demonstrate your ability to reason critically about security risks and their mitigations, and present findings in a professional manner (the written report), confirm your understanding of specific technical issues relating to information security in organisations (the quizzes), and show the knowledge you have acquired about information security theory and its relevance in practice (the exam).
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Problem Solving Quiz
Individual multiple choice quiz
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Report
Written analytical report.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Final Exam
Final written examination
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
No particular text is required.
Risk Assessment Statement
No out of the ordinary risks are associated with this unit.