INFO5301: Semester 1, 2022

University home

Library

Current students

Staff intranet

Find an event

Give

Current students

Units INFO5301 Semester 1 2022 [Normal evening]

Unit of study_

INFO5301: Information Security Management

Semester 1, 2022 [Normal evening] - Remote

Overview

This unit of study gives a broad view of the management aspects of information security. We emphasise corporate governance for information security, organisational structures within which information security is managed, risk assessment, and control structures. Planning for security, and regulatory issues, are also addressed.

Unit details and rules

Unit code	INFO5301
Academic unit	Computer Science
Credit points	6
Prohibitions ?	None
Prerequisites ?	None
Corequisites ?	None
Assumed knowledge ?	This unit of study assumes foundational knowledge of Information systems management. Two year IT industry exposure and a breadth of IT experience will be preferable
Available to study abroad and exchange students	Yes

Teaching staff

Coordinator	Kanchana Thilakarathna, kanchana.thilakarathna@sydney.edu.au
Lecturer(s)	Kanchana Thilakarathna, kanchana.thilakarathna@sydney.edu.au

Type	Description	Weight	Due	Length
Final exam (Take-home short release)	Final exam Final written exam	60%	Formal exam period	3 hours
Outcomes assessed:
Assignment	Quiz Take-home assignment including short answer questions.	20%	Week 05	1 week
Outcomes assessed:
Assignment	Case study Case study	20%	Week 11	4 weeks
Outcomes assessed:
= group assignment ? = Type D final exam ?

Assessment summary

Quiz: This is an individual assignment that quizzes the knowledge of each student in the topics of weeks 1-4 with questions similar to those on the final exam.
Case study: In this practical group assignment, students are asked to analyse a case-study, write a report and deliver a presentation of their analysis and recommendations.
Final exam: Written exam that covers all aspects of the course. Obtaining at least 40% of the available marks from the written exam is a requirement to pass INFO5301.

Assessment criteria

The University awards common result grades, set out in the Coursework Policy 2014 (Schedule 1).

As a general guide, a high distinction indicates work of an exceptional standard, a distinction a very high standard, a credit a good standard, and a pass an acceptable standard.

Result name	Mark range	Description
High distinction	85 - 100
Distinction	75 - 84
Credit	65 - 74
Pass	50 - 64
Fail	0 - 49	It is a policy of the School of Computer Science that in order to pass this unit, a student must achieve at least 40% in the written examination. For subjects without a final exam, the 40% minimum requirement applies to the corresponding major assessment component specified by the lecturer. A student must also achieve an overall final mark of 50 or more. Any student not meeting these requirements may be given a maximum final mark of no more than 45 regardless of their average.

For more information see sydney.edu.au/students/guide-to-grades.

For more information see guide to grades.

Late submission

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date:

Deduction of 5% of the maximum mark for each calendar day after the due date.
After ten calendar days late, a mark of zero will be awarded.

This unit has an exception to the standard University policy or supplementary information has been provided by the unit coordinator. This information is displayed below:

For late submissions, a penalty of 5% of the maximum awardable marks will be taken per day (or part) late. If the assessment is submitted more than ten calendar days late, a mark of zero will be awarded.

Academic integrity

The Current Student website provides information on academic integrity and the resources available to all students. The University expects students and staff to act ethically and honestly and will treat all allegations of academic integrity breaches seriously.

We use similarity detection software to detect potential instances of plagiarism or other forms of academic integrity breach. If such matches indicate evidence of plagiarism or other forms of academic integrity breaches, your teacher is required to report your work for further investigation.

You may only use artificial intelligence and writing assistance tools in assessment tasks if you are permitted to by your unit coordinator, and if you do use them, you must also acknowledge this in your work, either in a footnote or an acknowledgement section.

Studiosity is permitted for postgraduate units unless otherwise indicated by the unit coordinator. The use of this service must be acknowledged in your submission.

Learning support

Simple extensions

If you encounter a problem submitting your work on time, you may be able to apply for an extension of five calendar days through a simple extension.  The application process will be different depending on the type of assessment and extensions cannot be granted for some assessment types like exams.

Special consideration

If exceptional circumstances mean you can’t complete an assessment, you need consideration for a longer period of time, or if you have essential commitments which impact your performance in an assessment, you may be eligible for special consideration or special arrangements.

Special consideration applications will not be affected by a simple extension application.

Using AI responsibly

Co-created with students, AI in Education includes lots of helpful examples of how students use generative AI tools to support their learning. It explains how generative AI works, the different tools available and how to use them responsibly and productively.

Weekly schedule

WK	Topic	Learning activity
Week 01	Introduction, nature and scope of Information Systems Security	Lecture (2 hr)
Week 01	Introduction to Information Systems Security	Tutorial (1 hr)
Week 02	Introduction to technical systems in Information Security	Lecture (2 hr)
Week 02	Basics of technical systems in Information Security	Tutorial (1 hr)
Week 03	Network security and overview of cryptography	Lecture (2 hr)
Week 03	Network security	Tutorial (1 hr)
Week 04	Formal aspects of information systems security, security policy, authority/responsibility structures	Lecture (2 hr)
Week 04	Security policies	Tutorial (1 hr)
Week 05	Planning and designing for information security	Lecture (2 hr)
Week 05	Planning and designing for information security	Tutorial (1 hr)
Week 06	Risk management for information systems security	Lecture (2 hr)
Week 06	Risk management	Tutorial (1 hr)
Week 07	Corporate governance for information systems security	Lecture (2 hr)
Week 07	Corporate governance	Tutorial (1 hr)
Week 08	Informal aspects of information systems security	Lecture (2 hr)
Week 08	Informal and human aspects	Tutorial (1 hr)
Week 09	Overview of information systems security standards	Lecture (2 hr)
Week 09	Case study - Standards	Tutorial (1 hr)
Week 10	Legal aspects of information systems security	Lecture (2 hr)
Week 10	Case study - legal aspects	Tutorial (1 hr)
Week 11	Overview of computer forensics	Lecture (2 hr)
Week 11	Data forensics	Tutorial (1 hr)
Week 12	Industry Guest Lecture	Lecture (2 hr)
Week 12	Case study - Industry	Tutorial (1 hr)
Week 13	Unit review	Lecture (2 hr)
Week 13	Exam preperation	Tutorial (1 hr)

Study commitment

Typically, there is a minimum expectation of 1.5-2 hours of student effort per week per credit point for units of study offered over a full semester. For a 6 credit point unit, this equates to roughly 120-150 hours of student effort in total.

Required readings

References are provided for guidance purposes only. Students are advised to consult these books in the university library. Purchase is not required.

- Information Security: Principles and Practices by Mark Merkow and James Breithaupt

- Principles of information systems security : text and cases by Gurpreet Dhillon

- Security in Computing by Charles Pfleeger and Shari Pfleeger

Learning outcomes

Learning outcomes are what students know, understand and are able to do on completion of a unit of study. They are aligned with the University's graduate qualities and are assessed as part of the curriculum.

Outcomes
Graduate qualities

At the completion of this unit, you should be able to:

LO1. Communicate on information security issues to both managers and technical staff
LO2. List and outline major concerns and issues of managing information security
LO3. Define, describe and discuss management and governance aspects of information security
LO4. Describe risk management methodology and control structures as applied to the management of information security
LO5. Describe and characterise the attributes of information security management practices.

Graduate qualities

The graduate qualities are the qualities and skills that all University of Sydney graduates must demonstrate on successful completion of an award course. As a future Sydney graduate, the set of qualities have been designed to equip you for the contemporary world.

GQ1	Depth of disciplinary expertise Deep disciplinary expertise is the ability to integrate and rigorously apply knowledge, understanding and skills of a recognised discipline defined by scholarly activity, as well as familiarity with evolving practice of the discipline.
GQ2	Critical thinking and problem solving Critical thinking and problem solving are the questioning of ideas, evidence and assumptions in order to propose and evaluate hypotheses or alternative arguments before formulating a conclusion or a solution to an identified problem.
GQ3	Oral and written communication Effective communication, in both oral and written form, is the clear exchange of meaning in a manner that is appropriate to audience and context.
GQ4	Information and digital literacy Information and digital literacy is the ability to locate, interpret, evaluate, manage, adapt, integrate, create and convey information using appropriate resources, tools and strategies.
GQ5	Inventiveness Generating novel ideas and solutions.
GQ6	Cultural competence Cultural Competence is the ability to actively, ethically, respectfully, and successfully engage across and between cultures. In the Australian context, this includes and celebrates Aboriginal and Torres Strait Islander cultures, knowledge systems, and a mature understanding of contemporary issues.
GQ7	Interdisciplinary effectiveness Interdisciplinary effectiveness is the integration and synthesis of multiple viewpoints and practices, working effectively across disciplinary boundaries.
GQ8	Integrated professional, ethical, and personal identity An integrated professional, ethical and personal identity is understanding the interaction between one’s personal and professional selves in an ethical context.
GQ9	Influence Engaging others in a process, idea or vision.

Outcome map

Learning outcomes	Graduate qualities
Learning outcomes

Responding to student feedback

This section outlines changes made to this unit following staff and student reviews.

There will be separate 1 hour tutorial classes very well and the lecture time will be 2 hours.

Disclaimer

The University reserves the right to amend units of study or no longer offer certain units, including where there are low enrolment numbers.

To help you understand common terms that we use at the University, we offer an online glossary.

Current students

Overview

Overview

Unit details and rules

Teaching staff

Assessment

Assessment

Assessment summary

Assessment criteria

Late submission

Academic integrity

Learning support

Learning support

Simple extensions

Special consideration

Using AI responsibly

Weekly schedule

Weekly schedule

Study commitment

Required readings

Learning outcomes

Learning outcomes

Graduate qualities

Outcome map

Responding to student feedback

Responding to student feedback

Disclaimer

On this page

Useful links

Media

Student links

About us

Connect