Study-Unit Description


CODE CIS3042

 
TITLE Security, Quality and Risk Issues in I.S.

 
UM LEVEL 03 - Years 2, 3, 4 in Modular Undergraduate Course

 
MQF LEVEL 6

 
ECTS CREDITS 5

 
DEPARTMENT Computer Information Systems

 
DESCRIPTION This study-unit provides students with an opportunity to appreciate and learn the various aspects of security in today's software environments. They will be able to build more secure programs and web apps, as well as appreciate risk. The aspects covered span a wide range, from purely managerial ones concerning Information Security (such as threat modelling, upper management awareness and responsibility for establishing and maintaining necessary policy documents) to more technical ones (such as risk analysis, disaster recovery and usage of tools) to support the Information Security management process.

Learning Outcomes:

1. Knowledge & Understanding:
By the end of the study-unit the student will be able to:

- Demonstrate an understanding of the concepts and issues involved in computer security;
- Study and assess the security level in a company or entity and present the assessment to management in an understandable way;
- Comprehend the problems of standards for Information Security.

2. Skills:
By the end of the study-unit the student will be able to:

- Investigate and report on information security aspects of Information Technology products and services;
- Promote the design and usage of secure systems;
- Critically apply academic knowledge in a security or risk related occupation.

Main texts and supplementary readings:

• Mike Andrews & James A. Whittaker, How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, Addison-Wesley Professional, ISBN-10: 0321369440, ISBN-13: 978-0321369444
• Michael Howard & David C. LeBlanc, Writing Secure Code, Second Edition, Microsoft Press, ISBN-10: 0735617228, ISBN-13: 978-0735617223
• William Stallings, Cryptography and Network Security: Principles and Practices (3rd ed), Prentice-Hall, ISBN: 0-13-091429-0
• USENET FAQs at http://www.faqs.org
• Karolak P., Software Engineering Risk Management, Wiley-IEEE Computer Society Press
• Carter B., Introducing RISKMAN Methodology, NCC Blackwell
• Oskarsson O., ISO9000 Approach to building quality software, Prentice Hall
• Bentley C., Quality Management within Prince, Stationery Office Books
• Lecture notes and website

 
STUDY-UNIT TYPE Lecture

 
METHOD OF ASSESSMENT

| Assessment Component/s | Assessment Due | Sept. Asst Session | Weighting |
|---|---|---|---|
| Examination (3 Hours) | SEM2 | Yes | 100% |

 
LECTURER/S Clyde Meli, Anthony Spiteri Staines

 

 
The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints.
Units not attracting a sufficient number of registrations may be withdrawn without notice.
It should be noted that all the information in the description above applies to study-units available during the academic year 2023/4. It may be subject to change in subsequent years.
