|
Instructors: M.Sc. Maximilian Müller; Prof. Dr. rer. nat. Michael Waidner
Event type:
Lecture
Org-unit: Dept. 20 - Computer Science
Displayed in timetable as:
ISM
Subject:
Crediting for:
Hours per week:
2
Language of instruction:
German
Min. | Max. participants:
- | -
Course Contents:
In the lecture, an exemplary, fictitious organization is used to demonstrate how information security is established in all processes of the organization.
The following topics are considered, among others:
* Maturity level assessment regarding information security of the organization
* Capability Maturity Model Integration (CMMI) Framework
* Establishment of a Cyber Security Strategy
* Information Security Governance
* Establishment of an Information Security Management System (ISMS) according to ISO/IEC 27001:2013 and IT-Grundschutz
* Security Awareness within the organization
* Key Performance Indicator to measure information security
* Asset Management, information networks and process analyses
* Protection requirement analyses and business impact analyses
* Qualitative and quantitative risk management
* Risk analysis, treatment and monitoring processes
* Vulnerability Management (dealing with IT vulnerabilities in own and outsourced systems)
* Business Continuity Management (BCM)
* Business Continuity Planning (BCP)
* Secure IT operations, securing operational processes
* Secure development
* Securing cloud services
* Management of service providers
* Incident Management: securing, detecting and responding to security incidents
* Audit Management
* Review of compliance and governance
Preconditions:
Attendance of the course "Computer Security" is recommended.
Further Grading Information:
For questions, please contact Maximilian Müller: maximilian.mueller@usd.de.
Additional Information:
All teaching materials and documents are distributed via 'lernportal Informatik' (Informatik-Moodle). (https://moodle.informatik.tu-darmstadt.de).
The course will take place digitally, the link ti this will also be distributed via Moodle.
Digital consultation hours are offered as required and requested.
|
