Security as Continuous Improvement
2011-2012 - IMT4651 - 5sp

Forutsetter bestått

IMT4661 - Security Management Dynamics

Forventet læringsutbytte

Having completed the course, the students will be able to:

  • Understand the relation between security standards for information organizations and quality improvement
  • Understand and be able to analyze the “quality improvement paradox”, i.e., the reason why a majority of attempts to accomplish quality improvement is frustrated owing to counterintuitive systemic reactions
  • Analyze cases in information security management so as to detect impediments to continuous improvement of security
  • Apply these concepts in practice to several important cases (such as security incident reporting systems, Computer Security Incident Response Teams, business continuity, resilience, Critical Infrastructure Protection)

Emnets temaer

  • The quality improvement paradox
  • Security and quality improvement processes
  • Improving the Performance of Computer Security Incident Response Teams (CSIRTs)
  • Incident reporting systems and Learning from incidents
  • Security risks in the transition to Integrated Operations
  • Security-dependent safety. Continuous improvement of security in Critical Infrastructure

Pedagogiske metoder


Pedagogiske metoder (fritekst)

Web-enabled course with forum


Vurdering av prosjekt(er)


  • Two multiple choice exams counting each 15%
  • Two individual projects (papers) counting each 35%
  • Each part must be individually approved of


Bokstavkarakterer, A (best) - F (ikke bestått)


Evaluated by the lecturer

Utsatt eksamen (tidl. kontinuasjon)

The whole course must be repeated

Obligatoriske arbeidskrav

The course requires active participation in projects – both in class and outside class.

Hands-on modelling exercises during class are best carried out in computer lab.

Students are encouraged to bring laptops to the classroom.


Written material will be given/sent to the students during the semester.