Computer Security & Systems Controls

Lectures: 20 h

Recommended for:
PhD Students at IDA with different backgrounds.

The course last ran:
New course.

Goals:
Upon Completion of this subject, Students will have :

  • an appreciation on how basic audit techniques can be adapted to control EDP environments.
  • an understanding of the importance of enterprise security approaches to security implementation and management.
  • an exposure on how to recognise security and control weaknesses in EDP systems.
  • an understanding of basic risks, performance of general risk assessment exercises and recommendation of management strategies.
  • an understanding and explaination of measures available to secure physical locations, computer sites, data and personnel.
  • an understanding of the common terminology used within the security industry.
A key objective of this subject is to prepare the students for a holistic view of entreprise security in the context of business strategic views.

Prerequisites:
A good understanding of the Information Systems area as well as some exposure to management issues associated with computer environments.

Organization:
The course will delivered in an on-campus mode via a series of lectures, videos, students' presentations, case studies, individual research paper as well as a real life risk analysis field exercise.

Contents:

  • Introduction to computer security, framework of the course, terminology
  • Security policy development and implementation, Current International Standards
  • Risk management and analysis
  • Physical security issues
  • People/Personnel security issues
  • Technical security issues
  • EDP Auditing/Data Quality
  • Internet Security (secure transactions)
  • Cryptography
  • Disaster planning/recovery
  • Social/Ethical Issues in computer security
  • (A possible Industry forum on current hot issues at the time)

Literature:

  • Fink D., Information Technology Security: Managing Challenges and Creating Opportunities, CCH Australia Limited, Sydney, 1997. ISBN: 1-86264-942-1.
  • Forcht K., Computer Security Management, Course Technology, Thomson Publishing Company, ITP, 1994.

Teachers:
The course is taught by Maurice Abi-Raad (from RMIT).

Examiner:
Nahid Shahmehri.

Schedule:
November - December 98.

Examination:
Individual research paper class presentation (depending on the number of students) syndicate group risk analysis exercise Open book case study test at the end.

Credit:
3-4 credits.

Comments:
Intensive course.


Page responsible: Webmaster
Last updated: 2012-05-03