This module investigates the whole process of information security management and associated activities including the concepts used and practices prescribed by relevant standards, such as those defined by ISO/IEC. A holistic view of information security management is taken, including risk management, the formulation of security policies, business continuity and resilience.
Technical subjects include a description of the various security models and of how authorisation policies can be automatically enforced. The legal and data protection issues associated with information management are also addressed, as are the usability issues of security technologies.
Total contact hours: 42
Private study hours: 108
Total study hours: 150
Method of assessment
50% Coursework and 50% Examination
Group presentations (20%)
Final essay (30%)
Examination, 2 hours (50%)
Taylor, A., Alexander, D., Finch, A. and Sutton, D., "Information Security Management Principles", 2019, 3rd edition, BCS.
Calder, A. and Watkins, S., "IT governance: an international guide to data security and ISO27001/ISO27002", 2019, 7th edition, Kogan Page.
Sutton, D., "Information Risk Management: A practitioner's guide", 2014, BCS.
See the library reading list for this module (Canterbury)
On successfully completing the module students will be able to:
1 Demonstrate systematic understanding of the importance of taking a systems-wide approach to maintaining cyber security, and the role of security risk management.
2 Comprehensively understand the motivation, design, operation and management of modern systems for security management, including awareness of relevant human factors, especially usability issues.
3 Show familiarity with legal issues on security and data protection, and relevant security (management) standards.
4 Analyse and evaluate critically the security and data protection requirements of an organisation.
5 Apply and critically modern security by design principles to develop solutions to real world secure systems problems.
6 Demonstrate awareness of appropriate processes, techniques and tools for developing and managing security systems.
7 Understand the basis of business continuity planning and management, and cyber resilience.
Credit level 7. Undergraduate or postgraduate masters level module.