UNIVERSITI KUALA LUMPUR 2022 YEAR: SEMESTER: SEPTEMBER COURSE CODE: IKB31503 UniKL MIIT COURSE LEARNING PLAN (CLP) To be shared with students. SECTION A: COURSE DETAILS 1. Name of Course : Information Security Management Systems Course Code : IKB31503 2. Synopsis : A computer security audit is a systematic, measurable technical assessment of how the organization's security policy is employed at a specific site. Computer security auditors work with the full knowledge of the organization, at times with considerable inside information, in order to understand the resources to be audited. It involves everyone who uses any computer resources throughout the organization. Given the dynamic nature of computer configurations and information storage, some managers may wonder if there is truly any way to check the security ledgers. Security audits provide such a tool, a fair and measurable way to examine how secure a site really is. Understanding the process involved will prepare the students for situations like this in a real working environment. 3. Name(s) of academic staff : Semester and Year offered : Ts. Herny Ramadhani Mohd Husny Hamid Ts. Norhaiza Ya Abdullah Credit Value : 3 4. 5. Semester 6. Student Learning Time (SLT): 2 Year 3 Lecture (F2F) Tutorial (F2F) Practical (F2F) Others (F2F) Guided / Online / Technologymediated (Synchronous) Independent Learning (N-F2F) TOTAL 0 0 28 2 28 62 120 7 Prerequisite/corequisite: (if any) 8 Course Learning Outcomes (CLO): At the end of the course the students will be able to... (example) explain the basic principles of immunisation (C2,PLO1) 9 NA CLO1 analyze security risk assessment of an organization (C4, PLO4) CLO2 apply various technology and tools to assists IT auditing of security management (A4, PLO1) CLO3 produce audit report findings and advisories (C4, PLO9) Mapping of the Course Learning Outcomes to the Programme Learning Outcomes, Teaching Methods and Assessment : Please select the Learning Outcome Domain (LOD) for each PLO in the cells above it. E.g. PLO1 - Knowledge, PLO2 - Cognitive, PLO3 - Practical Skills Programme Learning Outcomes (PLO) - BCSS & BSE Course Learning Outcomes (CLO) C4A - Personal skills PLO1 C5 - Ethics and professionalism PLO2 PLO3 PLO4 PLO5 PLO6 PLO7 PLO8 PLO9 ✓ CLO 1 CLO 2 C3E - Numeracy skills ✓ ✓ CLO 3 10 Transferable Skills (if applicable) (Skills learned in the course of study which can be useful and utilized in other settings) 1 Ethics and professionalism 2 Personal skills 3 Numeracy skills PLO10 PLO11 PLO12 Learning and Teaching Method(s) Assessment Method(s) Lecture, Group Discussion Test Lecture, Group Discussion Assignment Lecture, Group Discussion Project 4 5 11 Assessments Type Methods Test 20 Assignment 20 Project 20 Final Assessment(s) Final Test 40 Total 4 assessment methods 100% Continuous Assessment(s) 12 References (include required and further readings that are most current) 13 Other additional information : Weightage (%) Required reading: 1. Raymond Pompon, IT Security Risk Control Management: An Audit Preparation Plan (2016) ISBN: 1484221400, 9781484221402 Publisher: Apress 2. Edward Humphreys, Implementing the ISO/IEC 27001:2013 ISMS Standard , ISBN 1608079317, 9781608079315, Publisher : Artech House, 2016 Further readings: 3. Angel R. Otero, Information Technology Control and Audit, Fifth Edition (2018) , ISBN 0429877323, 9780429877322, Publisher CRC Press Elective Course for BSE programme UNIVERSITI KUALA LUMPUR YEAR: 2022 SEMESTER: SEPTEMBER COURSE CODE: IKB31503 UniKL MIIT COURSE LEARNING PLAN (CLP) To be shared with students. SECTION B: LEARNING SCHEDULE 3-14 Oct. 2022 17-28 Oct. 2022 WEEK 3&4 WEEK 1&2 Week Topics CLO Delivery Methods 1 Online Lecture and Course Briefing 1, 2 Online Lecture and Class Discussion Assignment 1 1, 3 Online Lecture and Class Discussion Test 1 1, 3 Online Lecture and Class Discussion Project 2 Online Lecture and Class Discussion Test 2 1, 2 Online Lecture and Class Discussion Assignment 2 1, 2 Online Lecture and Class Discussion 3 Online Lecture and Class Discussion 1. Introduction to IT Audit and Assessment 2. Vulnerabilities and Contermeasures 3. Security Management Assessments IT Control Framework and Standard - ISMS and other standards 31 Oct. 4 Nov. 2022 WEEK 5 IT Audit Procedure and Planning 7-18 Nov. 2022 WEEK 6&7 Risk Management MID SEMESTER BREAK 20 Nov. 9 Dec. 2022 WEEK 8&9 Technology used to Support IT Auditing 12-16 Dec. 2022 WEEK 10 IT Management and IT Operations ... 19 - 31 Dec. 2022 2 -13 Jan. 2023 WEEK 13 & 14 WEEK 11 & 12 IT Controls Regarding Network Security Audit and Assessment Analysis - Report Submission and Presentation Presentation and Report Submission