This course will examine the operational aspects of Information Assurance (IA) and cyber security, in particular the implementation of management systems and acquisition.

i) Information Systems (IS) strategy

ii) Information Assurance (IA) Governance - scope and purpose

iii) Procurement

iv) Governance and management

v) Security policies and processes

vi) Security Standards

On the completion of this course the student will be able to

. Analyse the key components of an organisational strategy from relevant business management theories

. Compare and contrast different frameworks for IA management systems from those presented

. Critically assess a given security policy.

· Develop a range of metrics to measure IS, Enterprise Architecture and IA performance appropriate to the information supplied in a case study

. Justify selecting a management system for a given organisation

. Outline an implementation program for ISO 27000 family

. Develop security requirements in the context of acquisition