After successful completion of the course, students are able to write security policies and security/technical guidelines. They can support CISOs in the implementation of organisational security measures.
This lecture focuses on the organizational aspects of IT security, including risk analysis and risk management, the application and implementation of information security procedures, and security policies within corporate governance initiatives. The lecture will include several domains of the CISSP certification and enable students to complete this highly valued certification after the course. Planned topics are:
- Security Management Practices
- Access Control Systems and Methodology
- Physical Security
- Business Continuity Planning
- CobiT
- GSHB
- ISO 2700x
- IT Risk Management
The course consists of two parts:
One section consists of the practical creation of policies and guidelines. After an introductory lecture, students work on a case study and create the necessary documents. These will be presented at the end.
The second section serves to impart theoretical basics. Students prepare presentations by means of books; during the course the lecturer supplements the textbook knowledge with further background information and practical experience from research and consulting projects.
If you cannot make it to the "Vorbesprechung", please be sure to join the TUWEL course and prepare for the first block. You need to do some work for Block 1!!
Details on meetings and the schedule are in TUWEL.
ECTS Breakdown (3 ECTS = 75 hours):
Presentations and Documents (Policies, Guidelines, etc)
Lecture notes for this course are available. CISSP All-in-One Exam Guide, Shon Harris, Slides and Papers
Solid Security Foundations