Security as Continuous Improvement
IMT4661 - Security Management Dynamics
Having completed the course, the students will be able to:
- Understand the relation between security standards for information organizations and quality improvement
- Understand and be able to analyze the “quality improvement paradox”, i.e., the reason why a majority of attempts to accomplish quality improvement is frustrated owing to counterintuitive systemic reactions
- Analyze cases in information security management so as to detect impediments to continuous improvement of security
- Apply these concepts in practice to several important cases (such as security incident reporting systems, Computer Security Incident Response Teams, business continuity, resilience, Critical Infrastructure Protection)
- The quality improvement paradox
- Security and quality improvement processes
- Improving the Performance of Computer Security Incident Response Teams (CSIRTs)
- Incident reporting systems and Learning from incidents
- Security risks in the transition to Integrated Operations
- Security-dependent safety. Continuous improvement of security in Critical Infrastructure
Pedagogiske metoder (fritekst)
Web-enabled course with forum
Vurdering av prosjekt(er)
- Two multiple choice exams counting each 15%
- Two individual projects (papers) counting each 35%
Each part must be individually approved of
Bokstavkarakterer, A (best) - F (ikke bestått)
Evaluated by the lecturer
Utsatt eksamen (tidl. kontinuasjon)
The whole course must be repeated
The course requires active participation in projects – both in class and outside class.
Hands-on modelling exercises during class are best carried out in computer lab.
Students are encouraged to bring laptops to the classroom.
Written material will be given/sent to the students during the semester.