Information security management
On this page
|
|
|
|
|
| 3 Tutor-marked assignments (TMAs) | |
| Examination | No residential school |
Register for the course
This course is available for study in the countries shown. Fees may vary by country.
Summary
The protection of information assets underpins the commercial viability and profitability of all enterprises and the effectiveness of public sector organisations. It should not be left to chance. If you work in an organisation concerned (directly or indirectly) with valuable information assets, this practical course will enable you to understand and manage strategic and operational aspects of information security, including IT governance and risk analysis and management. It will also provide the knowledge and skills needed to plan the implementation of an information security management system that provides efficient, effective safeguards and responds to your organisation’s needs.
Course content
‘In today’s high technology environment, organisations are becoming more and more dependent on their information systems. The public is increasingly concerned about the proper use of information, particularly personal data. The threats to information systems from criminals and terrorists are increasing. Many organisations will identify information as an area of their operation that needs to be protected as part of their systems of internal control’ (Nigel Turnbull, from the preface of the book IT Governance: A Manager’s Guide to Data Security & BS 7799/ISO 17799).
Taking a practice-based approach based upon an organisation you are familiar with, M886 provides the foundational knowledge, understanding, analysis and synthesis that you need to develop a practical information security management system, to the standard set by the ISO/IEC 27001:2005 and BS ISO/IEC 17799:2005. You also acquire the personal development skills you need to keep abreast of important development in a rapidly developing field.
The course is structured as three independent units written to support and extend the set book:
An introduction to information security – In this unit you will first learn about the current requirements on, and incentives for organisations to implement information security. You then study the foundations of the subject, learning to identify and value information as an organisational asset. The protection of information assets is the subject of the British standards, around which the course is based. This unit outlines the processes that must be gone through to satisfy the requirements of the standards.
Information security risk assessment – This unit places in context the issues involved in information security risk assessment, as required by the standard. You will examine the risks that may arise in all relevant aspects of an organisation's operations, including human factors, e-commerce, web-services, and systems development. You will learn how to conduct a systematic risk assessment that leads to a prioritised list of information security risks for an organisation, and the requirements for their treatment. The unit concludes with an assignment in which you will carry out a risk assessment for your chosen organisation, based on the information contained in the British standards and the set book.
Information security risk management – In this unit you will complete your study of the development of a fit-for-purpose information security management system through the management of information security risks. You will learn how to be systematic in the choice of controls that treat specific risks, and how the documentation required by the British standards applicable to the course can be produced. There is a full discussion of the technologies that underpin the standard's controls, and the unit finishes by considering the topic of planning for when things do go wrong.
At the end of the course you will be required to carry out some independent research into an issue in information security management, analysing and evaluating the results of your research for presentation in the examination.
The course has been updated from 2008 so that it is based on the current version of the Information Security standard against which an Information Security Management System would be assessed.
You will learn
After studying this course you will be able to:
- understand contemporary issues in information security management
- analyse and prioritise information security risks
- identify countermeasures and review techniques appropriate to the management of information security risks
- understand the policy and technology trade-offs involved in developing information security systems of adequate quality
- locate, read, comprehend and evaluate developments in the field as they appear in contemporary professional and research publications.
It is important to realise that information security management is a ‘big picture’ subject concerned with getting the balance of technology, physical and social factors correct. As such, there is no special emphasis on any one factor; this is not a course specifically about security technology and you will not, for instance, learn how to configure a firewall as part of the core teaching of M886.
Entry
You can take this as a stand-alone course and it requires no formal qualifications for entry. However, it is a postgraduate level course, and you will be expected to have appropriate skills at this level, which might be developed from previous study (to HNC/HND level or above) or professional or commercial experience. In particular, you will need report-writing skills, since the work you are expected to submit in your assignments and examination will consist mainly of reports.
M886’s assessment involves a significant amount of practical work, including the building of an Information Security Management System for a part of an organisation with which you are familiar. To successfully complete your studies of M886 you will therefore need access to information about your chosen organisation. This often entails obtaining the permission, and possibly the active support, of the manager of that area and we recommend that you make any necessary arrangements before the start of the course. If you require any further information please contact the Postgraduate Technology Centre Advisor by email.
If you would like more information about the Postgraduate Computing programme as a whole, you can visit the programme website. This site includes additional information about the programme, details of new courses and qualifications that are being planned, some samples of course materials, FAQs and links to descriptions of current courses and related qualifications.
Discount for Open University Graduates
If you are a graduate of The Open University (holding either an undergraduate or masters degree), you are eligible for a discount of £100 towards the cost of this course. Telephone 0845 3666056 or email us to claim your discount when you register for this course.
Qualifications
M886 is a compulsory course in our
- Postgraduate Diploma in Networks and Distributed Systems (E18)
- MSc in Networks and Distributed Systems (F42)
M886 is an optional course in our
- Postgraduate Certificate in Computing (C69)
- Postgraduate Certificate in Technology Management (C49)
- Postgraduate Diploma in Computing for Commerce and Industry (C02)
- Postgraduate Diploma in Information Systems (E10)
- Postgraduate Diploma in Management of Software Projects (E19)
- Postgraduate Diploma in Software Development (D69)
- Postgraduate Diploma in Technology Management (E08)
- MSc in Computing for Commerce and Industry (F05)
- MSc in Information Systems (F37)
- MSc in Management of Software Projects (F43)
- MSc in Software Development (F26)
- MSc in Strategic Management of Information Systems (F54)
- MSc in Technology Management (F36)
Some postgraduate qualifications allow study to be chosen from other subject areas. We advise you to refer to the relevant qualification descriptions for information on the circumstances in which this course can count towards these qualifications because from time to time the structure and requirements may change.
If you have a disability or additional requirement
You will need to spend considerable amounts of time using a personal computer and the internet.
If you are a new student, or new to courses using a computer or the internet, you will need to inform us of your particular needs as soon as possible, as some of our support services may take several weeks to arrange. Details of how to do this and our range of support services are described in our booklet Meeting Your Needs which you can download or request from our Student Registration & Enquiry Service.
You can also find information about accessible course materials, financial support and the Disabled Students' Allowance, equipment and other services, on our Services for disabled students website. It also includes our contact details for advice and support both before you register and while you are studying.
Course materials
What's included
Course text, set book (A. Calder and S. Watkins (2006) InternationalIT Governance: An Executive Guide to ISO 17799/ ISO 27001, Kogan Page), online access to copies of the standards ISO/IEC 27001:2005 and BS ISO/IEC 17799:2005, other printed and online materials, website, optional online forums.
You will need
Access to the internet is essential for this course, since some course materials are available only on the course website. You also need to use the internet to submit your assignments to your tutor.
Computing requirements
This course includes online computer activities – you can access these using a web browser that can play Flash and Shockwave.
You will need internet access and a computer. If you have purchased a new computer since 2002 it should meet your course computing requirements. Check our Technical Requirements section if your computer is older than this or is otherwise unusual.
Teaching and assessment
Support from your tutor
You will have a tutor who will be responsible for monitoring your progress on the course, marking and commenting on your written work and whom you can contact for advice and guidance. There is usually a lively student online forum. Contact our Student Registration & Enquiry Service if you want to know more about study with The Open University before you register.
Assessment
The assessment details for this course can be found in the facts box above.
You will be expected to submit your tutor-marked assignments (TMAs) online through the eTMA system unless there are some difficulties which prevent you from doing so. In these circumstances, you must negotiate with your tutor to get their agreement to submit your assignment on paper.
You will take your examination in one of the University’s examination centres.
Professional recognition
The British Computer Society (BCS) offers exemption from some of its membership requirements for holders of an appropriate MSc in Computing from The Open University. M886 can form part of such an MSc. For more details ask you can download our Recognition leaflet 3.7 Computing or ask our Student Registration & Enquiry Service for a copy. BCS regulations can be found on their website.
Students also studied
Students who studied this course also studied at some time:
Future availability
The details given here are for the course that starts in May and November 2010. We expect this course to be available twice a year.
How to register
To register a place on this course return to the top of the page and use the Click to register button. For more information and advice about registration see OU Study Explained.
About this page
A postgraduate course in Business and Management and Computing and ICT.
Study explained
- Course
- - a module of study that can count towards a qualification.
- Credit points
- - show how much study is required to complete a course or qualification. One credit point represents roughly 10 hours of study.
- Financial support
- - find out if you qualify for support with your fees with our eligibility checker.
- Study explained
- - all you need to know about studying with the OU.
Student Reviews
As someone who works in Infosec for Central Government, I found this is an excellent course that will give one ...
Read more
This was a very good course and I would encourage more people to study it as it is excellent in ...
Read more
Got a question?
Contact an adviser in our Student Registration & Enquiry Service
Email or call +44(0) 845 300 60 90
Browse the prospectus
Request a print prospectus
Share
This PageThe University wishes to emphasise that, while every effort is made to regularly update this site, the material on it is subject to alteration or amendment in the light of changes in regulations or in policy or of financial or other necessity.