Handbook Public View

This page displays current curriculum information. For staff view, please login

Unit (2020)

Information on this page, including unit offerings, is from the 2020 academic year.

Information Security Policy and Governance (ICT380)

Organisational Unit Information Technology, Mathematics and Statistics
Credit Points 3
Availability MURDOCH: S1-internal, S1-external
DUBAI-ISC: TJD-internal, TSD-internal
KAPLAN-SGP: TJA-internal, TSA-internal
Teaching Timetables Murdoch S1
Description This unit covers the advanced study of Information Security Policy and Governance at an organisational level. Students will gain an understanding of standards and policies as well as international, national and local regulatory requirements governing organisational information technology systems. The unit will address relevant data protection legislation, industry best practices, risk management techniques and develop the necessary skills to evaluate and measure organisational compliance and to determine appropriate organisational strategy to best support the information security needs.
Unit Learning Outcomes On successful completion of the unit you should be able to:
1. Describe and discuss the importance and the key characteristics of information security, as well as the principal components of information security system implementation planning in the organizational planning scheme.
2. Explain the need for contingency planning and discuss how an organization would prepare and execute a test of contingency plans.
3. Define what an information security policy is; describe the major types of information security policy and discuss the major components of each.
4. Discuss how to plan and staff an organization's information security program based on its size; recommend an information security management model and explain how it can be customized to meet the needs of a particular organization; identify the skills and requirements for information security positions.
5. Define risk management and explain how risk is assessed based on the likelihood of adverse events and the possible effects on information assets.
6. Describe the types of intrusion detection systems and the strategies on which they are based; discuss security practices used to control employee behaviour and prevent misuse of information; explain ethical and legal issues associated with the management of information security.
7. Understand and discuss the importance of information security governance and its implementation mechanisms; outline the basic components of the COBIT model.
8. Demonstrate an awareness of information security standards in high-risk industry sectors.
Timetabled Learning Activities Workshop: 1 x 3 hours per week.
All offerings of this unit include the equivalent of 30 hours of structured learning.
Unit Learning Experiences You will be exposed to a wide range of industry techniques and case studies to highlight the breadth and diversity in the domain of Information Security. Throughout the unit, an active learning approach is fostered in order to equip students with the critical analysis and independent research skills as a successful industry practitioner. In lectures, you will be briefed on the theoretical foundations and in tutorials and self-study you will then apply this knowledge to solve real world security case studies. Students will be expected to work both in groups and individually.
Assessment Students will participate in tutorials and submit worksheets (10%). There will also be a Security Policy Case study worth 15% and a research paper investigating implementation of Governance and Security Policy Exemplars worth 35%. The final exam is worth 40%.
Prerequisites ICT284 Systems Analysis and Design OR ICT287 Computer Security OR ICT378 Cyber Forensics and Information Technology OR ICT379 Security Architecture and Systems Administration.
Exclusions ICT357 Information Security Management
Appears in these Courses/Majors:
see individual structures for context
Cyber Security and Forensics (BSc) [New in 2014]
Appears in these Minors Computer Forensics and Information Security Policy
Internet Access RequirementsMurdoch units normally include an online component comprising materials, discussions, lecture recordings and assessment activities. All students, regardless of their location or mode of study, need to have access to and be able to use computing devices with browsing capability and a connection to the Internet via Broadband (Cable, ADSL or Mobile) or Wireless. The Internet connection should be readily available and allow large amounts of data to be streamed or downloaded (approximately 100MB per lecture recording). Students also need to be able to enter into online discussions and submit assignments online.


Unit Coordinator
Dr Polychronis Koutsakis
Senior Lecturer

Murdoch Campus
t: 9360 6475
e: p.koutsakis@murdoch.edu.au
o: 245.1.012 - Science and Computing, Murdoch Campus
Unit Contacts

MURDOCH: S1-External
MURDOCH: S1-Internal
Dr Polychronis Koutsakis
Senior Lecturer

Murdoch Campus
t: 9360 6475
e: p.koutsakis@murdoch.edu.au
o: 245.1.012 - Science and Computing, Murdoch Campus

Dr Florence Mwagwabi
Lecturer in Information Technology (Singapore)

e: F.Mwagwabi@murdoch.edu.au

No contacts found
Fee Calculator
Handbook help
Information for Students


The University reserves the right to cancel, without notice, any course, major, minor or unit if the number of students enrolled falls below limits set by the University.

Regulations and Rules

Students should ensure they are familiar with the University's internal legislation, including provisions specifically relevant to their studies. See the University Regulation overview and view legislation online.