This course introduces students to the basic principles of an ISMS and how businesses use them to manage the ongoing protection of sensitive information they hold effectively. There are many reasons for establishing an ISMS for an organisation, but one of the main goals is to enable the organisation to manage information security as a single entity, which can be monitored and continually improved on. This course covers information security management in a business context and will give students an understanding of how modern organisations manage the ongoing threats to their sensitive assets.
On successful completion of this course, students will be able to describe what an ISMS is, how one is established, maintained and improved and describe the role that international standards play in developing an ISMS. Students will develop skills such as communication literacy, critical thinking, analysis, reasoning, and interpretation, which are crucial for gaining employment and developing academic competence.