Module Information

Module Identifier
ILM3320
Module Title
Information Assurance
Academic Year
2013/2014
Co-ordinator
Semester
Semester 1
Other Staff

Course Delivery

Delivery Type Delivery length / details
Lecture
Seminars / Tutorials and Practicals
 

Assessment

Assessment Type Assessment length / details Proportion
Semester Assessment Report/written presentation (equivalent to 2500 -,000 words)  60%
Semester Assessment Portfolio of practical excercises  40%
Supplementary Assessment Supplementary coursework for failed course elements 

Learning Outcomes

On successful completion of this module students should be able to:

* Critically analyse information assurance in the current IT and security landscape

*Outline system vulnerabilities, evolving threats and mechanisms for mitigating these threats

  • Compare the various roles within the IA framework and re-evaluate the changing requirements

*Critique and design policies and plans which align with organisational goals and meet legal and ethical standards

* Apply the information perspective in the IA environment and conceptualise cross disciplinary, cross functional approaches to managing the organisation's information securely

*Formulate strategies for implementing IA across an organisation to ensure the confidentiality, integrity and availability of information and information systems

Brief description

Information is the lifeblood of organisations. To preserve its value, skilled professionals must ensure it is protected from loss, theft, or corruption and expertly maintained. Information assurance is the discipline that prepares individuals to protect and defend information and information systems across an enterprise. Broader than simply computer security, IA encompasses policies, planning, technologies, procedures, training and awareness programs, compliance protocols and audit processes ? each necessary to safeguard enterprise information.

Whilst the enabling of access and the sharing of data are valid outcomes for any information management programme, the restricting of access where appropriate, has become equally essential. This may be established on the basis of:
  • the confidentiality of certain types of data,
  • the need to preserve the integrity of information which may be presented in courts, tribunals etc., (i.e. proof that data has not been altered subsequently)
  • the authenticity of its contents (i.e. it can be proven to have been undertaken by the people in question, as part of the activity under review and at the time and date on which it was purported to have occurred).

Content

This module examines methods and best practices for securing information and information systems. Students will learn how system vulnerabilities arise, gain an understanding of the evolving threats that systems face, and discover how to mitigate them. Students will master concepts and skills related to the IA life cycle'rrom policy through audit'rnsuring the confidentiality, integrity and availability of information and information systems.
The content of the module is divided into:

Context:
threats, vulnerabilities and strategic countermeasures in a variety of contexts; system services and strategies that implement IA; the life cycle for IA in an organisational context.

Policies, plans and strategies:
organisational goals through IA policy and plans; the information assurance life cycle through IA planning; the human factors affecting the validity of IA policy and plans; legal and ethical issues related to IA


Roles within the IA framework:
the role and responsibilities of security professionals; the role of risk management in IA decision making; the ability and skills required to maintain currency in IA

The information perspective in the IA environment:
the concepts of information privacy and accountability; the relationship between people and IA practices and technology.

Module Skills

Skills Type Skills details
Application of Number N/A
Communication Oral and written communication via tutorials and classroom discussion/online forums in VLE and assessed work
Improving own Learning and Performance Self management: students make their own selections relating to sector for specialisation/directed study through exercises in certain units and assessed work.
Information Technology Students are expected to utilise the VLE, and other technical systems during practical sessions. Coursework requires the application of IT in its presentation.
Personal Development and Career planning Career needs awareness include portfolio activities, and assessment of competencies for continuing professional development
Problem solving Exercises which seek to identify the needs of the organisation and how best these might be met under different operational conditions
Research skills Analysis of sets of resources and their application to a research problem
Subject Specific Skills Professional skills development in embedding Information Assurance in recordkeeping designs and developing risk management plans
Team work Group activities are integral to the teaching of this module, and to classroom exercises.

Notes

This module is at CQFW Level 7