N/A

The aim of the module is to let you develop a deep understanding of the framework that information security operates in, and to give you an opportunity to express this in the form of professional written reports. Topics covered include:
• Overview of relevant laws and regulations: national and international, covering Data Protection, computer misuse and other legal issues.
• The relation between governance models and frameworks including: ISACA’s COBIT and ISO Standards (ISO27000 in particular)
• Role of the professions; difference between audit, forensics and security management. Professional ethics and codes of practice
• Risk management, contingency and continuity planning
• Understanding and application of the COBIT domains

Upon completion of this module you will be able to
LO1: Demonstrate an understanding of the roles and responsibilities of the professionals involved, including practical application of codes of practice/ethics.
LO2: Review and critically appraise relevant laws and relevant standards, their interrelationships and international trends in their development.
LO3: Critically appraise the principles of information security management systems and the roles of risk management, controls and audit in supporting IS governance
LO4: Demonstrate an understanding of the role of human and organisational factors in delivering information security
LO5: Research, examine and evaluate relevant academic literature and real-world situations, identify issues and solutions and make recommendations to management