ITIS412 : Risk management and Security

Department

Department of Information Systems

Academic Program

Bachelor in Information Systems

Type

Compulsory

Credits

03

Prerequisite

ITGS222

Overview

This course provides an introduction to the fundamental principles and topics of information Technology Security and Risk Management at the organizational level. Students will learn critical security principles that enable them to plan, develop, and perform security tasks. The course will address hardware, software, processes, communications, applications, and policies and procedures with respect to organizational IT Security and Risk Management.

Intended learning outcomes

Knowledge &understand

  • This course provides an introduction to the fundamental principles and topics of information Technology Security and Risk Management at the organizational level. Students will learn critical security principles that enable them to plan, develop, and perform security tasks.
  • The course will address Hardware, Software, processes, Communications, Applications, and policies and procedures with respect to organizational IT Security and Risk Management.

mental skills

  • Understand the fundamental principles of information technology security.
  • Understand the concepts of threat, evaluation of assets, information assets, physical ,operational, and information security and how they are related .
  • Understand the need for the careful design of a secure organizational information Infrastructure.

Practical & professional skills

  • Perform risk analysis and risk management.
  • Understand both technical and administrative mitigation approaches
  • Understand the need for a comprehensive security model and its implications.

General and transferable skills

  • Create and maintain a comprehensive security model.
  • Understand and apply security technologies.
  • Understand basic cryptography, its implementation considerations.

Teaching and learning methods

  • Lectures
  • Tutorials
  • Problem-based learning
  • Mini-projects

Methods of assessments

  • Midterm exam = 30
  • Final exam = 60
  • Home Works = 05
  • Project = 05

Course contents

  • Introduction to information security
  • Protection
  • Detection
  • Risk assessment frameworks
  • ISO Risk Management – Draft Standard
  • Security engineering, Protocols, Passwords, Access controls.
  • Cryptography, Physical aspects, Biometrics.
  • Physical tamper resistance, Security printing and seals.
  • Security in connected systems and networks, distributed systems.
  • Telecom system security.
  • Network attack and defence.
  • Protecting e-commerce systems.
  • Policy and management issues, Copyright and privacy.
  • Copyright and privacy protection, E-policy.

Information Retrieval Systems (ITIS401)
Knowledge Management (ITIS402)
Data Mining/Business Intelligence (ITIS404)
Business Process Management (ITIS405)
Decision support system (ITIS406)
IS Innovation and New Technologies (ITIS407)
E-Government (ITIS408)
Physics (ITPH111)
Mathematics I (ITMM111)
Arabic language 1 (ITAR111)
Problem solving Technic (ITGS113)
Intro to Information Technology (ITGS111)
General English1 (ITEL111)
Mathematics II (ITMM122)
logic Circuit Design (ITGS126)
System Analysis and Design (ITGS124)
Introduction to Programming (ITGS122)
General English2 (ITEL122)
Arabic language 2 (ITAR122)
Introduction to Statistics (ITST211)
Object Oriented Programmin (ITGS211)
Introduction to Software Engineering (ITGS213)
Introduction to Networking (ITGS215)
Discrete Structures (ITGS217)
Numerical analysis (ITGS219)
Computer Architucture & Organization (ITGS223)
Data Structure (ITGS220)
Foundation of Information Systems (ITGS222)
Information Security (ITGS224)
Introduction to Internet Programming (ITGS226)
Introduction to database (ITGS228)
Operating System (ITGS302)
Scientific Writing (ITGS304)
Web Application Development (ITIS311)
Human Computer Interaction (ITIS312)
Data and Information Management (ITIS313)
Advanced Databases (ITIS325)
IT Infrastructure (ITIS323)
Design and Analysis algorithms (ITGS301)
Multimedia Systems (ITIS324)
Advanced System analysis & Design (ITIS326)
Enterprise Architecture (ITIS411)
Risk management and Security (ITIS412)
Introduction to Artificial Intelligence (ITIS413)
IT Project Management (ITGS303)
Enterprise Systems (ITIS421)
IS strategy ,management and acquisition (ITIS422)