Core Module Information
Module title: Security Audit & Compliance

SCQF level: 11:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: INF11109
Module leader: Peter Cruickshank
School School of Computing, Engineering and the Built Environment
Subject area group: Applied Informatics
Prerequisites

There are no pre-requisites for this module to be added

Description of module content:

The aim of the module is to let you develop a deep understanding of the framework that information security operates in, and to give you an opportunity to express this in the form of professional written reports. Topics covered include: • The relation between governance models and frameworks including: ISACA’s COBIT and ISO Standards (ISO27000 in particular) • Overview of relevant laws and regulations: national and international, covering privacy, computer misuse and other legal issues. • The role of organisation and human factors in ensuring a secure environment• The role of the professions; difference between audit, forensics and security management. Professional ethics and codes of practice• Information security risk management and controls including, contingency and continuity planning

Learning Outcomes for module:

Upon completion of this module you will be able to

LO1: Critically appraise relevant issues, laws and standards relevant to information security

LO2: Demonstrate an understanding of the roles and responsibilities of the professionals involved, including practical application of codes of practice/ethics.

LO3: Critically appraise the principles of information security management systems and the roles of risk management, controls and audit in supporting IS governance.

LO4: Research, examine and evaluate relevant academic literature and and apply it to real-world situations

LO5: Demonstrate an ability to identify issues and solutions and professionally present findings in a way that is appropriate for the intended audience.

Full Details of Teaching and Assessment
2024/5, Trimester 1, In Person,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: In Person
Location of delivery: MERCHISTON
Partner:
Member of staff responsible for delivering module: Peter Cruickshank
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)NESH Description
Face To Face Lecture 22 10 units of content, with final revision lecture.
Face To Face Tutorial 20 Students work in groups, Activities can include evaluation of a report or an academic paper, analysis of a case study, or a mock presentation to management.
Online Guided independent study 158 Students use this time to work through the teaching material provided, and to develop their coursework.
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words Description
Essay 30 1~4 Week 8 , WORDS= 2000 Annotated bibliography with evaluative essay.
Report 70 1~2~3~4~5 Week 13 , WORDS= 3000 White-paper style report aimed at management exploring a topical challenge for information security.
Component 1 subtotal: 30
Component 2 subtotal: 70
Module subtotal: 100
2024/5, Trimester 3, Online (fully o,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: Online (fully o
Location of delivery: MERCHISTON
Partner:
Member of staff responsible for delivering module: Peter Cruickshank
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)NESH Description
Online Guided independent study 158 Students use this time to work through the teaching material provided, and to develop their coursework.
Face To Face Lecture 22 10 units of content, with final revision lecture.
Face To Face Tutorial 20 Students work in groups, Activities can include evaluation of a report or an academic paper, analysis of a case study, or a mock presentation to management.
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words Description
Essay 30 1~4 Week 8 , WORDS= 2000 Annotated bibliography with evaluative essay.
Report 70 1~2~3~4~5 Week 13 , WORDS= 3000 White-paper style report aimed at management exploring a topical challenge for information security.
Component 1 subtotal: 30
Component 2 subtotal: 70
Module subtotal: 100

Indicative References and Reading List - URL:
Security Audit & Compliance