Information Security Management
Keywords
Classification | Keyword
Official | Computer Science
Instance: 2024/2025 - 1S 
Cycles of Study/Courses
Teaching Staff - Responsibilities
Teaching language
Suitable for English-speaking students
Objectives
The objectives are:
- To know the information security management tools that exist. Study the ISO 27001 standard and, based on this international standard, reference other standards that complement it and / or introduce other tools.
- Study existing "Risk Management" tools and how to apply different methodologies to various contexts.
- Know what "information" is and the various levels that can exist in an information classification context, differentiating between critical and public information depending on the context in which it operates.
- Carry out an ISO 27001 implementation project in a process / company in order to relate management and information security controls to a practical context and to daily operations.
Learning outcomes and competences
As a result of learning and skills, students should be able to:
- Define and assess requirements for security management;
- Know various strategies and safety management methods;
- Identify problems associated with security management;
- Propose effective methods of solving security management problems;
- Compare and evaluate the different information security management strategies;
- Set the information security management framework applicable to each organization;
- Identify good information security practices that make sense to apply depending on the context analysis;
- Support the implementation of an Information Security Management System;
- Define and implement a methodology of "Risk Management" in order to be able to assess and manage risks;
- Assess vulnerabilities, threats and risks of a process / company;
- Evaluate the benefits of certification in Information Security.
Working method
In person
Pre-requirements (prior knowledge) and co-requirements (common knowledge)
There are no prerequisites
Program
The program is:
- Introduction to information security management
- ISO standards for information security management
- International standards / models for the management of risk
- Business continuity management
- PDCA model
- Information Security Audits
- Business and personal certification
- The future of information security management
- Review / presentations of practical work
- Final evaluation
Mandatory literature
ISO; ISO 27001
Teaching methods and learning activities
Teaching methods and learning activities are:
- Lectures that support the joint, theoretical analysis of information security management concepts, risk management and the implementation of an information security management process
- Writing reports and giving individual presentations that summarize the frameworks / standards studied outside the classroom
- A practical assignment that will be developed over the course, outside class hours, in order to deepen knowledge and connect the theoretical learning to the real-world implementation of an information security management methodology / standard.
Evaluation Type
Distributed evaluation without final exam
Assessment Components
Designation | Weight (%)
In-person participation | 20.00
Test | 40.00
Written work | 40.00
Total: | 100.00
Amount of time allocated to each course unit
Designation | Time (hours)
Independent study | 60.00
Class attendance | 42.00
Research work | 60.00
Total: | 162.00
Eligibility for exams
Course attendance credit is obtained through class participation, the delivery and presentation of work, and a final test.
Calculation formula of final grade
The final grade calculation formula is as follows, taking into account the evaluation component weights:
= test grade + classroom participation grade + written work evaluation