Information security is becoming increasingly important. Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet.
Other relevant trends include:
(international) standards and certification in the field of information security
continuing computerization of (IT) management
development of automated security tools
outsourcing of management tasks
Furthermore, activities of many companies now rely on ICT, and information has become a valuable asset. Protection of information is crucial for the continuity and proper functioning of the organization: information must be reliable. The international standard, the Code of Practice for Information Security ISO/IEC 27002:2013 structures the organization of information security. For that reason, it is an important point of departure for this module.
In the Information Security modules the definition of the Dutch platform of information security professionals is being used: Information Security deals with the definition, implementation, maintenance, compliance and evaluation of a coherent set of measures which safeguard the availability, integrity and confidentiality of the (manual and automated) information supply. The module Information Security Management Advanced based on ISO/IEC 27002 tests organizational and managerial aspects of information security. Its target group are people who are professionally involved with the implementation and evaluation of information security.