course-details-portlet

DCST2005 - Risk Management

About

Examination arrangement

Examination arrangement: Assignment and Written examination
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
School exam 40/100 2 hours E
Assignment 60/100 ALLE

Course content

  • Information security management Systems (ISMS)
  • Security work
  • The standards ISO 27001 and 27002.
  • Security policies, security culture and evaluation.
  • Risk management, including risk assessment and analysis.
  • Risk communication
  • Information classification and access control.
  • Incident response: planning and running.
  • Measuring security and key figures.
  • Outsourcing

Learning outcome

Knowledge:

The candidate can:

  • explain the use of ISO 27001 and 27002, especially with regards to joint use and differences in information security management.
  • explain the importance of information security for a company's monetary and reputational value.
  • explain a stepwise plan for employing an ISMS, and show critical factors for each phase.
  • explain risk in an information security context, evaluate risk in information systems and make contingency plans.

Skills:

The candidate can:

  • make an assessment of strategy and measures for anchoring the safety work, based on a prior analysis of the situation in an example company
  • carry out a threat profiling and risk analysis for an example company based on a standard procedure, and prioritize and implement relevant measures with a focus on protecting identities
  • propose a strategy to involve both the company's own employees and any external expertise in the change processes related to the introduction of an ISMS
  • given guidelines or standards, carry out an information security risk assessment on a given information system

General competence:

The candidate can:

  • search for and apply relevant subject matter to shed light on a given problem
  • present security problems and solutions both in writing and orally

Learning methods and activities

Lectures, project work in larger groups, obligatory assignments, reflection, guidance meetings.

Complementary information: The students will be split into groups. Each group will work on an information security assignment with focus on risk assessments and a supporting ISMS.

Further on evaluation

The project is done in groups. Individual assessment of the project can be given in special circumstances.

Both the exam and the project need to be passed in order to pass the course.

The re-sit examination is held in August. Written exam might be changed to oral exam for the re-sit exam.

In the event of voluntary repetition, fail (F) or valid absence, the entire project must be retaken in a semester with teaching.

Continuation and voluntary repetition/improvement can be carried out for some partial assessments without all partial assessments in a subject having to be taken up again.

Specific conditions

Admission to a programme of study is required:
Digital Infrastructure and Cyber Security (BDIGSEC)

Required previous knowledge

Admission to a programme of study is required: Bachelor in Digital Infrastructure and Cyber Security.

Course materials

Announced at the start of semester.

Credit reductions

Course code Reduction From To
DCSG2005 7.5 AUTUMN 2019
IBED2003 7.5 AUTUMN 2020
IINI2009 7.5 AUTUMN 2020
IFUD1119 7.5 AUTUMN 2020
IDRI2004 7.5 AUTUMN 2020
INFT2001 7.5 AUTUMN 2020
DIFT2007 7.5 AUTUMN 2020
More on the course

No

Facts

Version: 1
Credits:  7.5 SP
Study level: Intermediate course, level II

Coursework

Term no.: 1
Teaching semester:  SPRING 2025

Language of instruction: Norwegian

Location: Trondheim

Subject area(s)
  • Computer Science
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of Computer Science

Timetable

List view
Calendar view

Examination

Examination arrangement: Assignment and Written examination

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn UTS School exam 40/100 E 2024-12-18 15:00 INSPERA
Room Building Number of candidates
SL110 lilla sone Sluppenvegen 14 2
Spring ORD Assignment 60/100 ALLE INSPERA
Room Building Number of candidates
Spring ORD School exam 40/100 E INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
Examination

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU