course-details-portlet

DCSG2005 - Risk Management

About

Examination arrangement

Examination arrangement: Assignment and Written examination
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
School exam 40/100 2 hours E
Assignment 60/100 A

Course content

Information Security Management:

  • Information Security Management Systems (ISMS)
  • Frameworks for security work and security management
  • NSM's basic principles in ICT security and security management
  • Standards 27001, 27002, and 27005
  • Security policy and evaluation

Risk management process:

  • Defining scope
  • Information classification and access control
  • Risk assessment and analysis, including asset, threat, and vulnerability
  • Security mechanisms and risk handling
  • Risk communication
  • Incident handling, planning, and execution
  • Security measurements and key figures

Sustainability:

DCSG2005 supports goal number 9 by contributing to ensuring industry, innovation, and infrastructure, as well as protecting trade secrets and innovations. The subject also contributes to goal 16, Peace, Justice, and Strong Institutions, by making it more difficult to succeed in cyber attacks.

Learning outcome

Knowledge

  • Understanding and explaining the general principles of security management and control within digital security.
  • Understanding risk in an information security context and the purpose of risk management.
  • Knowing how to perform risk assessments and audits of information systems.
  • Understanding the application areas for international security and privacy standards.
  • Understanding and explaining the need for security requirements in a case study.

Skills

  • Conducting an information security risk assessment on a given information system based on guidelines or standards.
  • Collaborating with system owners and managers, adjusting practices and results based on their feedback.
  • Presenting security issues and solutions to both employees and managers.

General Competence

  • Leading and contributing to security work in a team consisting of individuals with different expertise and skills.
  • Conducting information security risk assessments.
  • Having knowledge of information security management and control.
  • Understanding the importance of both oral and written communication skills in explaining security issues and solutions to system owners and users, both face-to-face and online.

Learning methods and activities

  • Lectures
  • Group work
  • Online learning support
  • Mandatory tasks

Additional information: Students are divided into groups and assigned tasks based on information security. Projects involve risk assessments and audits of current and future systems.

Further on evaluation

Assessment:

  • Digital exam, 2 hours, counts for 40%
  • Group project submission counts for 60%
  • Both parts must be passed.

Continuation and voluntary repetition/improvement can be carried out for some partial assessments without all partial assessments in a subject having to be taken up again.

Deferred exam for written exams in August.

Presentation of the project with mandatory attendance.

Credit reductions

Course code Reduction From To
DCST2005 7.5 AUTUMN 2019
IMT2008 7.5 AUTUMN 2020
DIFT2007 7.5 AUTUMN 2020
INFT2001 7.5 AUTUMN 2020
More on the course

No

Facts

Version: 1
Credits:  7.5 SP
Study level: Intermediate course, level II

Coursework

Term no.: 1
Teaching semester:  SPRING 2025

Language of instruction: Norwegian

Location: Gjøvik

Subject area(s)
  • Computer Science
Contact information
Course coordinator:

Department with academic responsibility
Department of Information Security and Communication Technology

Examination

Examination arrangement: Assignment and Written examination

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Spring ORD Assignment 60/100 A INSPERA
Room Building Number of candidates
Spring ORD School exam 40/100 E 2025-05-07 09:30 INSPERA
Room Building Number of candidates
M438 Eksamensrom 4.etg, Inngang D Mustad, Inngang D 90
M433-Eksamensrom 4.etg Mustad, Inngang A 50
Summer UTS School exam 40/100 E INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
Examination

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU