Checking date: 21/05/2022


Course: 2022/2023

Public information security management
(17433)
Study: Bachelor in Management of Public Security (341)


Coordinating teacher: RIBAGORDA GARNACHO, ARTURO

Department assigned to the subject: Department of Computer Science and Engineering

Type: Compulsory
ECTS Credits: 6.0 ECTS

Course:
Semester:




Requirements (Subjects that are assumed to be known)
There are no requirements.
Objectives
- Identify the threats and vulnerabilities of an information system and apply the appropriate protection measures.
- Know the organization and structure of cybersecurity in the State.
- Know the de jure or de facto schemes of international, European and national security standardization.
- Manage the security of an information system.
- Design a comprehensive information security plan.
- Analyze and manage the risks of a specific installation.
- Prepare a training plan on information security.
- Know the national, European and NATO schemes of information classification, as well as the protection, maintenance and declassification of classified information and the security measures of the Information Technology systems that handle it.
- Know the legal framework for information security in Spain and the EU.
Skills and learning outcomes
Description of contents: programme
1. Security of information in the State
2. Standardization, homologation, evaluation, certification and accreditation. Legal framework.
3. Introduction to information security.
4. The Information Security Management System. Family ISO 27XXX.
5. The integral security plan for information systems.
6. Risk analysis and management. The MAGERIT method. The PILAR tool
7. Training and awareness plans.
8. Classification of information
9. Legal aspects related to security management.
Learning activities and methodology
Training activities include: Master classes. To facilitate their development, students will receive class presentations in the appropriate web tool and will have basic reference texts that allow them to complete and deepen the most important topics. Practices, individual or group tutorials and personal work of the student, including tests and exams. All this oriented to the acquisition of practical skills related to the program of the subject.
Assessment System
  • % end-of-term-examination 40
  • % of continuous assessment (assignments, laboratory, practicals...) 60
Calendar of Continuous assessment
Basic Bibliography
  • Autoridad delegada para la protección de la información clasificada. Normas de la Autoridad nacional para la protección de la información clasificada. Ministerio de la Presidencia. 2014
  • A. Ribagorda. Seguridad de la información. Curso Complementos de Formación (2ª edición). Centro Universitario de la Guardia Civil.
  • C.M. Fernández Sánchez y M. Piattini Velthuis. Modelo para el gobierno de las TIC basado en las normas ISO. AENOR. 2012
  • Departamento de Seguridad Nacional. Estrategia Nacional de Ciberseguridad. Ministerio de la Presidencia, Relaciones con las Cortes e Igualdad. 2019
  • L. Gómez Fernández; P.P. Fernández Rivero. Cómo implantar un SGSI según UNE-ISO/IEC 27001:2014 y su aplicación en el ENS. AENOR. 2015
  • Norma UNE-EN ISO/IEC 27000. UNE. 2019
  • Norma UNE-EN ISO/IEC 27001. UNE. 2017
  • Norma UNE-EN ISO/IEC 27002. UNE. 2017
Electronic Resources *
Detailed subject contents or complementary information about assessment system of B.T.
(*) Access to some electronic resources may be restricted to members of the university community and require validation through Campus Global. If you try to connect from outside the University, you will need to set up a VPN.


The course syllabus may change due to academic events or other reasons.


More information: https://cosec.inf.uc3m.es/