National University of Sciences and Technology
IS-830 Information Security Management
Campus MCS
Programs PG
Session Spring Semester 2017
Course Title Information Security Management
Course Code IS-830
Credit Hours 3+0
Pre-Requisites Basic knowledge of Computer Security/Network Security
Course Objectives To highlight the issues involved in Information Security Management.
Detail Content
  1. Organizational Security Industry Standard bodies (NIST), Industry Standards (International Organization for Standardization (ISO) and the International Electrotechnical Commission (ISO/IEC), BSI), Organization Security Levels, Organization Security Structure, Risk analysis and assessment, Information classification
  2. Information Security Management System (ISMS), ISO-27000 Standard ISO 27000 Guidelines and standard, 2700 ISMS Controls, ISMS implementations in an organization, Assets inventory classification, Assets Risk calculation, Risk assessment, Risk Valuation, Risk treatment, Residual Risk, Business impact Analysis, Certification process
  3. Organization Security Policy Administration Policies, Procedures, Standard practices, Information Security Policy Writing, Baselines, Guidelines and Policy enforcement.
  4. Business Continuity Planning Introduction to Incident Handling, Project Management and Initiation, Business Impact Analysis (BIA), Recovery Strategies, Plan Development and Implementation, Testing, Maintenance, Awareness and Training.
  5. Social Engineering Attack, Techniques and Defenses
  6. Physical Security A-I-C Triad (Availability, Integrity and Confidentiality), Crime prevention through environmental design (CPTED), Perimeter and Building Ground Perimeter Protection, Building entry points, Inside the Building: Building Floors, Office suites, Offices, Penetration (intrusion) Detection System, Assurance Trust and Confidence Mechanism, Information Assurance and Protection Mechanisms
Text/Ref Books
  1. Book of Information Security Management / Hal Tipton and Micki Krause, Consulting Editors, published by CRC Press LLC
  2. CISSP CBK Fifth Edition, by Shon Harris
  3. ISO 27001 Documents, ISO 27002 Controls Document.
Time Schedule Spring Semester 2015
Faculty/Resource Person Lt Col Dr. Monis Akhlaq, PhD
University of Bradford, UK
Discipline: Information Security,
Specialization: Improved Performance High Speed Network Intrusion Detection Systems (NIDS)