Management of Information Systems Security course

by

Jonna Järveläinen

on 28 October 2015

Transcript of Management of Information Systems Security course

Management of Information Systems Security course
Course outline
Feedback from past years
Lecture activities
Course Requirements
Evaluation
Continuous work required from the beginning to the end!!!
Enterprise information security (assignments)
Privacy (activity/LJ + case)
Continuity management (assignments + case)
Risk management (activity/LJ + case)
ISSec + continuity management in IORs (assignments + case)
Information security policy (assignments)
Group essay
Jonna Järveläinen, Dr.Sc., Senior research fellow
Lectures on Mondays at 8.30-10.00 in LS07
Exercises on Wed 10.15-11.45 in LS16 and Thu at 14.15-15.45 in LS13

Still using them (group discussions on lectures, less scheduling for you)
Guest lecturers always tricky, I'll emphasise the practicality
Some difficult (many articles have been changed)
Grading content
Learning path approach
Constructive teaching perspective, flipped classroom videos, hands-on tasks during "lectures"
The focus is management, which is emphasised already from the beginning.
Group exercises, discussions and cases good
Practical guest lecturers

Selected articles

Wiki research = group essay
Difficult instructions
Slides not comprehensive


I was positively surprised when the viewpoint of the course was focusing on business so strongly
26.10. Introduction to course and enterprise information security
2.11. Guest lecture "New EU privacy directive", Elina Niemimaa, Secrays Oy
9.11. Business continuity planning + management
16.11. Guest lecture “Information Security as part of Risk Management” Kimmo Syrjänen, Nokia HERE
23.11. Information security and business continuity management in interorganisational IT relationships
30.11. Information security policy

Cases on real or fictional security/continuity related situations => to show the implications of security/continuity incidents
Case text available in Moodle
Case discussion preparation:
Read the case and answer the questions (in Moodle)
Return one A4 page report with solutions to case questions before your case discussion session to Moodle
In discussion session, we'll discuss the case and the questions in small/large groups
No correct answers, each group has its own solution, just like in real life
Case discussions, how?
7/7 Group essays
28.10./29.10. Selection of group essay topics
organising + dividing tasks
5 weeks for writing etc.
2./3.12. Group essay presentations: discussion and evaluation
Application of inquiry-based learning practice
Why?
Develop your own expertise
Studying to remember or to be an expert = understand and apply
Group essays, how?
Solving interesting research questions in groups and individually on management of information security area
Group essay
Intro, Conclusions, References, Presentation together (1-5 person group)
Personal subtopic individually
Solving a larger research question together (2000-3000 words total)
Extra: use multiple-choice questions to test whether course participants understand your individual text; if 60% (?) pass, you gain extra points
Essays are gathered to a wiki and in the end projects are presented
Case discussions
Three cases, for each:
Individual preparation report returned online, max. 1p
Activity in discussion, max. 2p (1p attending, 2p active participation)
3 * 3p= 9p
Group essay
2000-3000 words for 1-5 persons together
Introduction (50-200 words), max. 2p
Motivation
Research question
Subtopics (one for each member of the group)
structure planned together
Conclusions (150-300 words) + References, max 2p
Answer to the main research question, indicating how each subtopic contributed to this
Practical contribution or relevance to practitioners
References (not counted to the words, nor pictures etc.)
Presentation, 2p
Interesting, well rehearsed presentation, group research problem answered
Subtopics form a coherent presentation
2p + 2p + 2p = 6p
Grading
Lectures = 9p
Pre-assignments 2p +
Activity on lecture or learning journal 6p +
Peer multiple-choices 1p
Cases 3*3p = 9p
Group essay = 12p
Intro 2p,
Personal + Turnitin + Multiple-choice 4+2p,
Conclusions + references 2p
Presentation 2p
2 Pre-assignments, max. 1p each
4 weeks of assignments max. 4p
2 Guest lectures, max. 2p
activity during lecture OR a personal learning journal
Final group essays: Multiple-choice questionnaire by peers, 1p
Max. 2p + 6p + 1p = 9p
Evaluation of lectures
Previous students
Choose only 3 cases!
Pre-assignments
Prior practical experience and knowledge on information security - discussion
For business background:
What is information security? -discussion
For technical background?
What is management? -discussion
Assignments and activity on lectures or learning journal
"Lectures" = interactive assignment sessions in groups
Solving the assignments: by yourself or discuss them in groups during the session
Before session: read articles and watch videos
During "lectures": use the pre-reading articles, videos, expertise of other group members and any other external resources to solve the assignments
Teacher = supervisor
Assignment solutions to Moodle Assignment -discussion forum
Guest lectures: be active by asking clarifying questions or write a learning journal focusing on the guest lecture
Logical subtopic that contributes to main research question clearly
Each subtopic min. 500 words (if 3-5 group members, 1-2 group members 750-1500 words)
At least two scientific papers as references, but other sources acceptable too
Sufficiently deep
Each concept defined clearly
Each citation mentioned in the text, example (Niemimaa & Järveläinen, 2013) and full reference in reference list
Turnitin on before 22.11. and the final deadline (?)
no Turnitin, no points
max 4p, BUT if you want 6p, test the text
Personal subtopic, max 4+2p
Testing the clarity of the text
Design 1-2 multiple-choice questions on your topic (true/false, A,B,C -question etc.)
no leading questions
Design a survey with webropol.utu.fi with your group
(OR Send the question with the correct answer via Moodle, 2 days before your presentation)
After your presentation, peers will also read your group essay and answer the survey
If 60% (?) answer your question correctly, then your presentation and text were clear
max 2p for subtopic clarity (+ max 4p if other criteria met = 6p)
1p for the peers (part of the evaluation of lectures)
Pass the course, min. 15p, grade 1
18p = 2
21p = 3
24p = 4
27p = 5
Max 30p
1/7 Enterprise information security
2/7 Privacy
3/7 Continuity management
4/7 Risk management
5/7 ISSec + continuity management in IORs
6/7 Information security policy
7/7 Group essay
Course sections:
1/7 Enterprise information security
26.10. Introduction to course and enterprise information security
Pre-reading articles 1a + 1b, videos
Assignments during lecture sessions or individually

2/7 Privacy
2.11. Guest lecture "New EU privacy directive", Elina Niemimaa, Secrays Oy
Pre-reading article 2
Activity on lecture or a learning journal
4./5.11. Case TJX
3/7 Continuity management
9.11. Business continuity planning + management
Pre-reading article 3, videos
Assignments during lecture sessions or individually
11./12.11. Case Fixing the payment system of Alvalade XXI
4/7 Risk management
16.11. Guest lecture “Information Security as part of Risk Management” Kimmo Syrjänen, Nokia HERE
pre-reading article 4
activity on lecture or a learning journal
18./19.11. Information security auditing -case
5/7 ISSec + continuity management in IORs
23.11. Information security and business continuity management in interorganisational IT relationships
Pre-reading article 5, videos
Assignments during lecture sessions or individually
25./26.11. Security in IOR: Kluuvi Pharmacy -case
6/7 Information security policy
30.11. Information security policy
Pre-reading article 6, videos
Assignments during lecture sessions or individually